John thanks a lot for responding to my issue. Hope to solve this working together with you. I have posted information that you have requested.
Hijack This logLogfile of HijackThis v1.99.1
Scan saved at 5:27:22 PM, on 3/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\iPass\iPassConnect\iPCAgent.exe
C:\WINDOWS\orclobi\MyDesktop\MyDesktopService.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\orclobi\MyDesktop\MyDesktopQOS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\orclobi\ebi\CheckDefrag.exe
C:\WINDOWS\orclobi\ebi\cischd.exe
C:\WINDOWS\system32\lsasss.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\iPass\iPassConnect\downloader\ipccheck.exe
C:\Program Files\Oracle\Messenger\OracleMessenger.exe
D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\sgpatel\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
http://wpad/wpad.dat
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.us.oracle.com:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *oracle.com;<local>
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://ebizsrv.us.oracle.com"); (C:\Documents and Settings\sgpatel\Application Data\Mozilla\Profiles\default\dn7w2w2z.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {782b81d5-cacb-4630-9ae6-ce6349bca6b9} - C:\WINDOWS\system32\modk32.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - D:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - D:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O4 - HKLM\..\Run: [CheckDefrag] c:\windows\orclobi\ebi\CheckDefrag.exe
O4 - HKLM\..\Run: [Cischd] C:\WINDOWS\orclobi\ebi\cischd.exe
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\urpnmj.dll",setvm
O4 - HKLM\..\Run: [Lexmark_X79-55] C:\WINDOWS\system32\lsasss.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.oracle.com
O15 - Trusted Zone: *.oracleads.com
O15 - Trusted Zone:
http://*.turbotax.com
O16 - DPF: Secure Global Desktop Client, 4.2 -
http://ebiztta.oraclecorp.com/tarantell ... taF-du.cab
O16 - DPF: {00191E43-49C2-48E2-A548-8F702D75622A} -
https://conference.oracle.com/imtapp/re ... nsload.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} -
http://www.drivecleaner.com/.freeware/i ... rstart.cab
O16 - DPF: {30355844-0000-0010-8000-00AA00389B71} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {32248CB1-0D1E-4889-AEA3-1A2DA540A380} (Siebel CSSAxCatalogNavigator Class) -
http://sdchs20n518.corp.siebel.com/CALL ... igator.cab
O16 - DPF: {3D5E05C4-41B2-4EB5-A5EB-970EBD646B98} (ASEActiveXCtrl Class) -
http://le2041.oracleads.com/OA_HTML/dow ... dddase.exe
O16 - DPF: {48D5324D-D593-47DF-AAE4-18CB09F1F86F} (Siebel High Interactivity Framework) -
http://sdchs22n110.corp.siebel.com/call ... Client.cab
O16 - DPF: {A07F0AC9-D8AD-449A-BE90-668F5263B261} (Siebel High Interactivity Framework) -
http://sdchs20n518.corp.siebel.com/CALL ... Client.cab
O16 - DPF: {AD8A3C8A-ABC8-4BAA-B176-0473BF553930} (Siebel Product Selection) -
http://sdchs20n518.corp.siebel.com/CALL ... ection.cab
O16 - DPF: {BFE65CD6-B930-4BD0-BEC1-00E947B2A373} (CSSAxConfigurator Class) -
http://sdchs22n110.corp.siebel.com/call ... urator.cab
O16 - DPF: {CAFECAFE-0013-0001-0021-ABCDEFABCDEF} (JInitiator 1.3.1.21) -
http://adsweb.oracleads.com/download/jinit13121.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{23A1A481-0DC3-4299-BED3-4ABD619A6BEC}: Domain = oracle.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F0489001-EB94-433F-AE81-B92A337E243E}: Domain = oracle.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = oracle.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = oracle.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = oracle.com
O20 - Winlogon Notify: kswuag - kswuag.dll (file missing)
O20 - Winlogon Notify: modk32 - C:\WINDOWS\SYSTEM32\modk32.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: iPassConnectEngine - iPass - C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe
O23 - Service: iPCAgent - iPass, Inc. - C:\Program Files\iPass\iPassConnect\iPCAgent.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MyDesktopService (MyDesktopWindows) - Oracle Corporation - C:\WINDOWS\orclobi\MyDesktop\MyDesktopService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: QOS MyDesktop (QOSMyDesktop) - Oracle - C:\WINDOWS\orclobi\MyDesktop\MyDesktopQOS.exe
O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\system32\MsPMSPSv.exe (file missing)
AWF.txt
Find AWF report by noahdfear ©2006
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/25/2006 07:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes
Directory of C:\PROGRA~1\SYMANT~1\SYMANT~1\BAK
05/21/2003 01:21 AM 90,112 vptray.exe
1 File(s) 90,112 bytes
Directory of C:\WINDOWS\ORCLOBI\EBI\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\ADOBE\ADOBEA~1.0\DISTILLR\BAK
12/14/2004 03:12 AM 483,328 Acrotray.exe
1 File(s) 483,328 bytes
Directory of D:\PROGRA~1\ITUNES\BAK
10/30/2006 10:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of D:\PROGRA~1\GRISOFT\AVGANT~1.5\BAK
10/07/2006 05:20 AM 6,266,880 avgas.exe
1 File(s) 6,266,880 bytes
Directory of D:\PERSONAL\MUSIC\TUTORI~1\COMPUT~1\THECM1~1\CMINTH~1.BAK
08/29/2006 01:45 AM 1,637,146 CM in the House.00.lso
1 File(s) 1,637,146 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
90112 May 21 2003 "C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\bak\vptray.exe"
483328 Dec 14 2004 "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\bak\Acrotray.exe"
102400 Dec 31 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
256576 Oct 30 2006 "D:\Program Files\iTunes\bak\iTunesHelper.exe"
6266880 Oct 7 2006 "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe"
6266880 Oct 7 2006 "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\bak\avgas.exe"
1637146 Aug 29 2006 "D:\Personal\Music\Tutorials\Computer Music Website\The CM105 Guide to House\CM in the House.bak\CM in the House.00.lso"
end of report
Uninstall manager log
1Click DVD Copy 4.2
Ableton Live v6.0.3
Adobe Flash Player 9 ActiveX
Adobe Photoshop 7.0
Adobe Reader 7.0
AOL Instant Messenger
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Autodesk DirectConnect 2.0
AVG Anti-Spyware 7.5
Broadcom Gigabit Integrated Controller
Cisco Systems VPN Client 4.8.00.0440
Cisco VPN Client 4.8
C-Major Audio
Conexant D480 MDC V.92 Modem
CopyToDVD
del.icio.us Buttons for Internet Explorer
DivX Codec
DivX Converter
DVD43 v3.9.0
Flickr Uploadr 2.3
GLOBEtrotter FLEXid Drivers
HijackThis 1.99.1
HyperSnap-DX 5.62.05
InterVideo WinDVD
iPassConnect
iPassConnect
iTunes
Java 2 Runtime Environment, SE v1.4.2_05
Lightroom
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Maya 8.5
Maya 8.5 Bonus Tools
Maya 8.5 Documentation (en_US)
Microsoft Baseline Security Analyzer 1.2.1
Microsoft Office Professional Edition 2003
Microsoft Office Project Standard 2003
Microsoft Office Visio Professional 2003
Microsoft Office Visio Viewer 2003 (English)
Mozilla Firefox (1.0.7)
Native Instruments Traktor DJ Studio v3.1.3
Netscape 7.2
Novation V-Station for Cubase SX3 VSTi v1.41
O2Micro Smartcard Driver
Oracle 9iFS FileSync
Oracle Calendar
Oracle JInitiator 1.3.1.21
Oracle Messenger
Oracle Product Workbench
Oracle Web Conferencing Console
PrimoPDF
PrimoPDF Redistribution Package
PuTTY .57 with WinSCP3
Qarbon Viewlet Builder 4.5.3
QuickTime
RealPlayer
Reason 3.0
RgcAudio z3ta Plus DXi VSTi v1.41
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Sentinel System Driver
Silo 1.42
Symantec AntiVirus Client
Symantec pcAnywhere
TurboTax ItsDeductible 2006
TurboTax Premier Investments 2006
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
VideoLAN VLC media player 0.8.6a
WexTech AnswerWorks
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver
WinZip 9
Yahoo! Messenger
Yahoo! Photos Easy Upload Tool
Yahoo! Photos Print-at-Home Tool
------------------------------------------------------------------------------------