1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

help, virus

Discussion in 'Windows - Virus and spyware problems' started by Dee55, Feb 22, 2008.

  1. Dee55

    Dee55 Member

    Joined:
    Sep 11, 2007
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    The other day I download Winzip 8 from limewire. I'm getting pop-ups all the time. I ran my spy sweep & Trend Micro antivirus program and they find several virus & trojans. They were put in quarantine. I uninstall the program. The pop-ups stop, until I went online today and some show up while I was offline.
    problems: security toolbar; virtumonde; zquest; web buying; webhancer; commard; radio search enhancer; ldpinch trojan; storm gen; trojan jen; trojan downloader-waverevenue.

    I don't know what use to do? Bestbuy want to charge me $200 to remove them manual.
    HELP?
     
    Dee55, Feb 22, 2008
    #1
  2. QuikDraw

    QuikDraw Regular member

    Joined:
    Sep 29, 2007
    Messages:
    808
    Likes Received:
    0
    Trophy Points:
    26
    Download hijackThis version 2.0.2.
    http://filehippo.com/download_hijackthis/
    Open HijackThis.
    Click, Do a system scan and save a logfile.
    Notepad will open.
    Copy and paste the logfile here for review.
     
    Last edited: Feb 22, 2008
    QuikDraw, Feb 22, 2008
    #2
  3. Dee55

    Dee55 Member

    Joined:
    Sep 11, 2007
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    This is also create some problem when I start my computer.
    error message:error loading c:\windows\syste 32\bnnthj.t.dlll
    the specified module could not be found.
    Also when I go to the internet.
    error message: line b problem parsing xml: 'null" is null o not an object.
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:25:12 PM, on 2/22/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Multimedia Card Reader\shwicon2k.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    C:\Program Files\Lexmark 5400 Series\lxctmon.exe
    C:\Program Files\Lexmark 5400 Series\ezprint.exe
    C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\gearsec.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\WINDOWS\System32\lxctcoms.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\RABCO\X_RABCOse.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    O4 - HKLM\..\Run: [Sunkist2k] "C:\Program Files\Multimedia Card Reader\shwicon2k.exe"
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [BJCFD] "C:\Program Files\BroadJump\Client Foundation\CFD.exe"
    O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
    O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
    O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [Trend Micro AntiVirus 2007] "C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe" -1 --delay 15
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [spa_start] "C:\WINDOWS\System32\Rundll32.exe" "C:\WINDOWS\system32\sprt_ads.dll" DllStart
    O4 - HKLM\..\Run: [c4b9f7d6] "rundll32.exe" "C:\WINDOWS\system32\bnnthjit.dll",b
    O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
    O4 - HKCU\..\Run: [Regscan] C:\WINDOWS\System32\regscan.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe
    O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk788YYUS
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
    O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-8.0.2.40/omaha/omaha-en_US.cab
    O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.9.0.61/aces/aces-en_US.cab
    O16 - DPF: All-In Texas Hold'em by pogo - http://game1.pogo.com/applet-8.0.3.20/allin/allin-en_US.cab
    O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-8.0.3.36/backgammon/backgammon-en_US.cab
    O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/applet-6.6.1.37/battlephlinx/battlephlinx-en_US.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-8.0.3.20/blackjack/blackjack-en_US.cab
    O16 - DPF: Blooop by pogo - http://game1.pogo.com/applet-6.9.4.41/cascade/cascade-en_US.cab
    O16 - DPF: Bowling by pogo - http://game1.pogo.com/applet-6.8.2.23/bowling/bowling-en_US.cab
    O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.6.2.21/videoblackjack/videoblackjack-en_US.cab
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.9.0.61/canasta/canasta-en_US.cab
    O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-8.0.3.20/checkers2/checkers-en_US.cab
    O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.6.5.31/cribbage/cribbage-en_US.cab
    O16 - DPF: Dice City Roller by pogo - http://game1.pogo.com/applet-6.9.2.22/ytz/ytz-en_US.cab
    O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-8.0.1.23/checkeredflag/checkeredflag-en_US.cab
    O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.7.2.33/domino/domino-en_US.cab
    O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-8.0.1.23/videopoker2/doubledeuce-en_US.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.9.3.29/superbingo/superbingo-en_US.cab
    O16 - DPF: Greenback Bayou by pogo - http://game1.pogo.com/applet-6.9.1.38/greenback/greenback-en_US.cab
    O16 - DPF: Hangman Hijinks by pogo - http://game1.pogo.com/applet-8.0.3.20/hangman/hangman-en_US.cab
    O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.8.2.23/harvest/harvest-en_US.cab
    O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-8.0.2.32/hearts/hearts-en_US.cab
    O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-8.0.2.40/drawpoker/drawpoker-en_US.cab
    O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.9.4.34/pool2/pool-en_US.cab
    O16 - DPF: Hog Heaven Slots by pogo - http://game1.pogo.com/applet-8.0.3.20/fancy/fancy-en_US.cab
    O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-8.0.0.30/jigsaw/jigsaw-en_US.cab
    O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-8.0.1.23/videopoker2/jokerswild-en_US.cab
    O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.9.3.39/gin2/gin2-en_US.cab
    O16 - DPF: Lost Temple Poker by pogo - http://game1.pogo.com/applet-8.0.2.32/mhpoker/mhpoker-en_US.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-8.0.0.20/lottso/lottso-en_US.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-8.0.0.20/mahjong2/mahjong2-en_US.cab
    O16 - DPF: Makeover Madness by pogo - http://game1.pogo.com/applet-8.0.1.23/shoes/shoes-en_US.cab
    O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.9.0.43/mlslots/mlslots-en_US.cab
    O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.9.0.43/paigow/paigow-en_US.cab
    O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.9.0.43/freecell/freecell-en_US.cab
    O16 - DPF: Payday Freecell Solitaire by pogo - http://game1.pogo.com/applet-6.9.4.41/freecell2/freecell2-en_US.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.9.2.22/waterwheel/waterwheel-en_US.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-8.0.0.30/flinger/flinger-en_US.cab
    O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-8.0.0.30/pinochle/pinochle-en_US.cab
    O16 - DPF: Pirate's Gold by pogo - http://game1.pogo.com/applet-6.8.2.23/piratesgold/piratesgold-en_US.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.9.3.49/popfu/popfu-en_US.cab
    O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.9.1.32/poppazoppa/poppazoppa-en_US.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-8.0.2.32/poppit2/poppit2-en_US.cab
    O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-8.0.3.36/hotstreak/hotstreak-en_US.cab
    O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.6.2.35/squares/squares-en_US.cab
    O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-8.0.0.20/puck/puck-en_US.cab
    O16 - DPF: Spades 2 by pogo - http://game1.pogo.com/applet-8.0.2.32/spades2/spades2-en_US.cab
    O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.9.2.40/spider/spider-en_US.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.8.4.51/squelchies/squelchies-en_US.cab
    O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.9.3.39/sweeper/sweeper-en_US.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-8.0.3.20/sweettooth/sweettooth-en_US.cab
    O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.9.4.34/holdem/holdem-en_US.cab
    O16 - DPF: Tornado 21 - http://download.games.yahoo.com/games/clients/y/t21t0_x.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.8.4.51/peaks/peaks-en_US.cab
    O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-8.0.2.40/tumbee2/tumbee2-en_US.cab
    O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.6.2.21/turbo21/turbo21-en_US.cab
    O16 - DPF: Turbo 21 v2 by pogo - http://game1.pogo.com/applet-8.0.2.32/turbo22/turbo22-en_US.cab
    O16 - DPF: Vaults of Atlantis Slots by pogo - http://game1.pogo.com/applet-8.0.1.23/mlslots/mlslots-en_US.cab
    O16 - DPF: Video Poker - http://download.games.yahoo.com/games/clients/y/vpt0_x.cab
    O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-8.0.1.23/videopoker2/videopoker-en_US.cab
    O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.6.5.31/memories/memories-en_US.cab
    O16 - DPF: Word Craft by pogo - http://game1.pogo.com/applet-6.9.4.34/babble/babble-en_US.cab
    O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.9.3.39/wordwhomp2/whomp2-en_US.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-8.0.1.32/whackdown/whackdown-en_US.cab
    O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.9.3.29/worldclass/worldclass-en_US.cab
    O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
    O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/games/clients/y/yt1_x.cab
    O16 - DPF: Yahoo! Dice - http://download.games.yahoo.com/games/clients/y/dct4_x.cab
    O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
    O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/clients/y/nt1_x.cab
    O16 - DPF: Yahoo! Klondike Solitaire - http://presence.games.yahoo.com/yog/y/ks12_x.cab
    O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab
    O16 - DPF: Yahoo! Spades - http://download2.games.yahoo.com/games/clients/y/st3_x.cab
    O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20in%20London/Images/stg_drm.ocx
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v46/shared/FunGamesLoader.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
    O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
    O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
    O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - http://www.worldwinner.com/games/v57/bjattack/bja.cab
    O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
    O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v47/blockwerx/blockwerx.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173063602140
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1173063592375
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://clubgames.pogo.com/online2/pogop/chainz_2/mjolauncher.cab
    O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab55579.cab
    O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/ghtumblebugs/axhost.cab
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v46/sol/sol.cab
    O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab55579.cab
    O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/tryrumblecube/pixelstormlauncher.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} (Royal Control) - http://www.worldwinner.com/games/v44/royal/royal.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
    O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://aolsvc.aol.com/onlinegames/sonybewitched/main.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Everest/Images/armhelper.ocx
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    O16 - DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} (DVCDownloaderControl Object) - http://www.sonypictures.com/games/thedavincicode/DVCDownloaderControl.cab
    O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://clubgames.pogo.com/online2/pogop/diner_dash/DinerDash.1.0.0.80.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://sympatico.zone.msn.com/bingame/popcaploader_v10.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://aolsvc.aol.com/onlinegames/oberonmajongescape/PTGameLauncher.cab
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxct_device - - C:\WINDOWS\System32\lxctcoms.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Trend Micro AntiVirus Protection Service (tavsvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

    --
    End of file - 23424 bytes
     
    Dee55, Feb 22, 2008
    #3

Share This Page