0

my computer has been extremely slow the past week. I assume my son must have attained some viruses. The internet takes awhile to open and the entire computer is running slowly. Can someone please help? Here is my hijack this log:

Logfile of HijackThis v1.99.0
Scan saved at 4:43:24 PM, on 3/4/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\crvm32.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\WINNT\system32\ntxf32.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINNT\Fonts\iplib.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Ahead\nero\nero.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\WINNT\system32\RUNDLL32.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\WINNT\System32\sol.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aimhome.netscape.com/aimhome.adp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://aimhome.netscape.com/aimhome.adp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {21EA2256-EDD1-7EA0-DF77-93121AC14839} - C:\WINNT\mfcou32.dll
O2 - BHO: CATLEvents Object - {98BC949B-3D81-4750-836F-4BC57BD032EE} - C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\bilpi.dat
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [avcxcaxw] C:\WINNT\system32\gxidffta.exe
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [ntxf32.exe] C:\WINNT\system32\ntxf32.exe
O4 - HKLM\..\Run: [182.tmp] C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\182.tmp.exe 2 10001
O4 - HKLM\..\Run: [tibs5] C:\WINNT\system32\tibs5.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunOnce: [*iplib] C:\WINNT\Fonts\iplib.exe rerun
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
O4 - HKCU\..\RunOnce: [*WinLogon] C:\WINNT\java\classes\netvb.exe ren my_time:1109526554
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: (HKLM)
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.20x2p.com/45631238/enter.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?323
O23 - Service: AOL Connectivity Service - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG6 Service - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Iomega Active Disk - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
O23 - Service: Network Security Service - Unknown - C:\WINNT\atlmi.exe (file missing)

7
Contributors
10
Replies
11
Views
12 Years
Discussion Span
Last Post by Monksrule333
0

Thank you. Here's the new log:

Logfile of HijackThis v1.99.1
Scan saved at 10:56:22 AM, on 3/5/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\crvm32.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\WINNT\system32\ntxf32.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINNT\Fonts\iplib.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Ahead\nero\nero.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\WINNT\system32\RUNDLL32.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\OptScan.exe
C:\WINNT\system32\freecell.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aimhome.netscape.com/aimhome.adp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\tbfxs.dll/sp.html#44768
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://aimhome.netscape.com/aimhome.adp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {21EA2256-EDD1-7EA0-DF77-93121AC14839} - C:\WINNT\mfcou32.dll
O2 - BHO: CATLEvents Object - {98BC949B-3D81-4750-836F-4BC57BD032EE} - C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\bilpi.dat
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [avcxcaxw] C:\WINNT\system32\gxidffta.exe
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [ntxf32.exe] C:\WINNT\system32\ntxf32.exe
O4 - HKLM\..\Run: [182.tmp] C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\182.tmp.exe 2 10001
O4 - HKLM\..\Run: [tibs5] C:\WINNT\system32\tibs5.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunOnce: [*iplib] C:\WINNT\Fonts\iplib.exe rerun
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
O4 - HKCU\..\RunOnce: [*WinLogon] C:\WINNT\java\classes\netvb.exe ren my_time:1109526554
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.20x2p.com/45631238/enter.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?323
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D02E5AD-D753-4FE3-936D-6B19378B9AF2}: NameServer = 205.188.146.145
O20 - Winlogon Notify: iplib - C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\bilpi.dat
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
O23 - Service: Network Security Service (%AF夶À¨) - Unknown owner - C:\WINNT\atlmi.exe (file missing)

0

Eww aol it makes me shiver please close all running programs before scanning (yes even freecell)

0

sorry it took so long, but i rescanned after closing all the programs:

Logfile of HijackThis v1.99.1
Scan saved at 12:15:36 PM, on 3/8/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\crvm32.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\WINNT\system32\ntxf32.exe
C:\WINNT\system32\RUNDLL32.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINNT\Fonts\dbdns.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\WINNT\System32\MsiExec.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\auwdw.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\auwdw.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\auwdw.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\auwdw.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\auwdw.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\auwdw.dll/sp.html#44768
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\auwdw.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://aimhome.netscape.com/aimhome.adp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {21EA2256-EDD1-7EA0-DF77-93121AC14839} - C:\WINNT\mfcou32.dll
O2 - BHO: CATLEvents Object - {98BC949B-3D81-4750-836F-4BC57BD032EE} - C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\sndbd.dat
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [avcxcaxw] C:\WINNT\system32\gxidffta.exe
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [ntxf32.exe] C:\WINNT\system32\ntxf32.exe
O4 - HKLM\..\Run: [182.tmp] C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\182.tmp.exe 2 10001
O4 - HKLM\..\Run: [tibs5] C:\WINNT\system32\tibs5.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\RunOnce: [*dbdns] C:\WINNT\Fonts\dbdns.exe rerun
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
O4 - HKCU\..\RunOnce: [*WinLogon] C:\WINNT\Help\abrhard.exe ren my_time:1110209946
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.20x2p.com/45631238/enter.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?323
O20 - Winlogon Notify: dbdns - C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\sndbd.dat
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
O23 - Service: Network Security Service (%AF夶À¨) - Unknown owner - C:\WINNT\atlmi.exe (file missing)

0

You are going to love this (not), but you are running hijackthis from a temporary folder. Please move it into a folder that you have just created in a permanent location, such as C:\Program Files\hijackthis\hijackthis.exe and when done post back a new log.

Clear out your Temporary internet files and other temp files.
Go to Start > Settings > Control Panel >Internet Options.

Under the General tab click the Delete temporary internet files,
delete all Offline content as well. Clear out Cookies.

Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete.

Empty/delete the entire contents of the C:\Windows\temp folder and C:\temp folder, if you have one. (Contents but not the folder itself.)

This one too if Win2K or XP.
C:\Documents and Settings\username\Local Settings\Temp\

In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to here.

Empty the Recycle Bin.

Go here to TrendMicro for an on-line scan & set it to autoclean for you.

Try this scan at Panda as well.

Does internet explorer start up when you boot your computer? If so, did you configure it that way?

0

I don't know if this will help anybody or not, but I felt compelled to offer this information based on my own frustration with this problem. I noticed that the log offered in this post contained a file running called "OptScan.exe". Well, I also have AOL, and I also noticed that lately my computer would freeze up seemingly about every 3 minutes. I hit "ctrl+alt+del" keys, and noticed "OptScan" running in the background (which had never been the case prior, and I did not even know what it was). I highlighted OptScan and clicked on "end task" and my computer was free again, but only temporarily - as the OptScan would run again in about 3 minutes. I did a search on my computer and found the OptScan.exe file in C:\Program Files\America Online 8.0\ and I found associated files in C:\Windows\All Users\Application Data\AOL\ and I deleted all of these files. Don't bother doing that, they only come back, no matter how many times you delete them they keep on coming back (but only if you sign on to AOL - incidentally I do have another ISP, and this problem has not happened with them at all, and no OptScan files show up unless I use AOL). I called AOL and explained the problem I was having, and they insisted that it had nothing to do with AOL, it was most likely spyware, and that I should contact my computer manufacturer (not that I really expected that AOL would actually be able to help with anything other than increasing my frustration level). Well, I did contact my computer manufacturer, who was able to help at least by validating my opinion of AOL "tech support" (and I use the term loosely). Anyway, I went out and bought the number one spyware detection software (software also recommended by my computer manufacturer), and also bought a complete security system for my computer, and just to be on the safe side did an fdisk and reformat of my hard drive, and loaded all the software (including the new spyware remover & security software) on my computer. I had no OptScan anywhere...until I signed on to AOL, and there it was again, and none of the new spyware detection or security software I bought detected it as a threat/problem. I did check the properties of the OptScan.exe file, and it lists "copyright America Online, Inc. 2004", which I found strange, since AOL insists it has nothing to do with them (I know, don't laugh). I also opened the other files with word pad just to check it out myself, and coincidentally I noticed that the file called "AOLszs.drv" located at C:\Windows\All Users\Application Data\AOL\ has the same spyware programs listed for detection as those found in AOL's "spyzapper" program (AOL keyword spyzapper). I went to AOL keyword spyzapper, and chose the option not to have the spyzapper program scan my computer, and clicked on "save", which did work, as OptScan would not run for the rest of my online session (as long as I did not delete the OptScan files at the same time); however, when I signed off AOL, and then later signed back on, the OptScan came back (this thing is like a bad penny). Makes me wonder what "save" actually means?? Anyway, against my better judgment I called AOL again. Despite me explaining everything to them as above, they still maintain that this is spyware, and nothing to do with them (lol). I even spoke to a supervisor at AOL, who told me to uninstall and reinstall AOL (as if that would help, obviously if I just reformatted my hard drive, I already did that), and that I would have to contact my computer manufacturer (even though I told her that I already did that), and that (again) this is spyware. I sent a request for help to my spyware detection software company, and guess what they said..........they said "sounds like a problem associated with AOL's spyzapper program". At this point, I was willing to try anything, as I became increasingly frustrated by this problem and increasingly annoyed with AOL. I changed the preferences in AOL's spyzapper to "do not scan" and clicked on save, then I went to every file associated with OptScan - all files found in the AOL folder at C:\Windows\All Users\Application Data\AOL, and also the OptScan.exe file located at C:\Program Files\America Online 8.0 (or whatever version of AOL you have) - and changed the file properties to "read only", and rebooted my computer. I signed on to AOL, and so far OptScan has not run, and my computer has not frozen, and when I check the preferences at AOL keyword spyzapper - my option of "do not scan" is actually saved now. I am not sure if the OptScan doesn't run is because the program cannot run, or because "read only" status allows my preferences in AOL's spyzapper program to actually be saved. Either way, it has not bothered me since (at least so far...). I am not able to delete these files, that would only undo all the hoops I have had to jump through to get this thing to leave me alone, as it would just come back as before, but at least I can use my computer. I am at this point seriously considering throwing AOL out with the trash :mad: . Anyway, I hope this helps somebody, and might even save somebody some money - I spent almost $100 on software trying to get rid of this problem, only to find out the only solution I could find was free anyway. At the very least it might save somebody from having to endure the same agony I did as a result of a conversation with AOL tech support. :lol:

0

Good grief- have you ever heard of paragraph breaks, nls3?! :mrgreen:

Seriously- that post is extremely difficult to follow with its current formatting (or lack thereof).

0

Good grief- have you ever heard of paragraph breaks, nls3?! :mrgreen:

Seriously- that post is extremely difficult to follow with its current formatting (or lack thereof).

:o Sorry, I guess it must be a result of my frustration and annoyance with AOL, but I am posting it again, in hopefully easier to read format. Thanks for letting me know. :)

I don't know if this will help anybody or not, but I felt compelled to offer this information based on my own frustration with this problem. 

I noticed that the log offered in this post contained a file running called "OptScan.exe".  Well, I also have AOL, and I also noticed that lately my computer would freeze up seemingly about every 3 minutes.  I hit "ctrl+alt+del" keys, and noticed "OptScan" running in the background (which had never been the case prior, and I did not even know what it was).  I highlighted OptScan and clicked on "end task" and my computer was free again, but only temporarily - as the OptScan would run again in about 3 minutes. 

I did a search on my computer and found the OptScan.exe file in C:\Program Files\America Online 8.0\ and I found associated files in C:\Windows\All Users\Application Data\AOL\ and I deleted all of these files.  Don't bother doing that, they only come back, no matter how many times you delete them they keep on coming back (but only if you sign on to AOL - incidentally I do have another ISP, and this problem has not happened with them at all, and no OptScan files show up unless I use AOL). 

I called AOL and explained the problem I was having, and they insisted that it had nothing to do with AOL, it was most likely spyware, and that I should contact my computer manufacturer (not that I really expected that AOL would actually be able to help with anything other than increasing my frustration level).  Well, I did contact my computer manufacturer, who was able to help at least by validating my opinion of AOL "tech support" (and I use the term loosely). 

Anyway, I went out and bought the number one spyware detection software (software also recommended by my computer manufacturer), and also bought a complete security system for my computer, and just to be on the safe side did an fdisk and reformat of my hard drive, and loaded all the software (including the new spyware remover & security software) on my computer.  I had no OptScan anywhere...until I signed on to AOL, and there it was again, and none of the new spyware detection or security software I bought detected it as a threat/problem. 

I did check the properties of the OptScan.exe file, and it lists "copyright America Online, Inc. 2004", which I found strange, since AOL insists it has nothing to do with them (I know, don't laugh).  I also opened the other files with word pad just to check it out myself, and coincidentally I noticed that the file called "AOLszs.drv" located at C:\Windows\All Users\Application Data\AOL\ has the same spyware programs listed for detection as those found in AOL's "spyzapper" program (AOL keyword spyzapper).  I went to AOL keyword spyzapper, and chose the option not to have the spyzapper program scan my computer, and clicked on "save", which did work, as OptScan would not run for the rest of my online session (as long as I did not delete the OptScan files at the same time); however, when I signed off AOL, and then later signed back on, the OptScan came back (this thing is like a bad penny).  Makes me wonder what "save" actually means?? 

Anyway, against my better judgment I called AOL again.  Despite me explaining everything to them as above, they still maintain that this is spyware, and nothing to do with them (lol).  I even spoke to a supervisor at AOL, who told me to uninstall and reinstall AOL (as if that would help, obviously if I just reformatted my hard drive, I already did that), and that I would have to contact my computer manufacturer (even though I told her that I already did that), and that (again) this is spyware. 

I sent a request for help to my spyware detection software company, and guess what they said..........they said "sounds like a problem associated with AOL's spyzapper program".  At this point, I was willing to try anything, as I became increasingly frustrated by this problem and increasingly annoyed with AOL. 

I changed the preferences in AOL's spyzapper to "do not scan" and clicked on save, then I went to every file associated with OptScan - all files found in the AOL folder at C:\Windows\All Users\Application Data\AOL, and also the OptScan.exe file located at C:\Program Files\America Online 8.0 (or whatever version of AOL you have) - and changed the file properties to "read only", and rebooted my computer.  I signed on to AOL, and so far OptScan has not run, and my computer has not frozen, and when I check the preferences at AOL keyword spyzapper - my option of "do not scan" is actually saved now. 

I am not sure if the OptScan doesn't run is because the program cannot run, or because "read only" status allows my preferences in AOL's spyzapper program to actually be saved.  Either way, it has not bothered me since (at least so far...).  Best I can figure, if OptScan is spyware, then AOL is the spy. :lol:

I am not able to delete these files, that would only undo all the hoops I have had to jump through to get this thing to leave me alone, as it would just come back as before, but at least I can use my computer.  I am at this point seriously considering throwing AOL out with the trash.  :mad:

Anyway, I hope this helps somebody, and might even save somebody some money - I spent almost $100 on software trying to get rid of this problem, only to find out the only solution I could find was free anyway.  At the very least it might save somebody from having to endure the same agony I did as a result of a conversation with AOL tech support.   :lol:

0

Please tell me..is what I define as "hard drive churnning" the same problem as in this thread? Obviously when you see the hard drive light flashing and every thing is SO SLOW because of it, there is some background scanning going on and takes president over your own tasks...

I always thought it was MacAffe, Pest Patrol, and Spysweeper all running at the same time, but when I close all of them the hard drive still churns.

Not until every is stopped from running "except" Explorer/Systray/Hidserv did it stop.

I closed Pcfmgr and Odhost, but no releif.

Maybe "Tgcmd" was the rascal. (The only one left)

Am I on to something?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.