Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:54 PM, on 1/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common
Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\WINDOWS\ehome\ehtray.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Melaleuca Widget\MelaleucaWidget.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TMobile\PwpUpdtr.exe
C:\Program Files\Common Files\New
Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Siber Systems\AI
RoboForm\RoboTaskBarIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\BigFix\bigfix.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\TrueAssistant\TrueAssistant.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Bar = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Page =
http://us.rd.yahoo.com/customize/ie/def ... 8/*http://
http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page = http://my.melaleuca.com/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Bar =
http://us.rd.yahoo.com/customize/ie/def ... 8/*http://
http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet
Explorer\SearchURL,(Default) =
http://as.starware.com/dp/search?x=wKX1 ... dWpSlz2q9D
zn13Emww/YwEc8oELaciVrBPCKSCaCuulSnUmrrlXAbipJoxyc
TguKOkH7J0zv5TJ8I7FOCsCziefFlX22vC/dBza3Gfobm/AIMiOq/
CtIC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window
Title = Windows Internet Explorer provided by Yahoo!
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper -
{02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) -
{089FD14D-132B-48FC-8861-0048AE113215} - C:\Program
Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: ChaCha Search Toolbar -
{4E7BD74F-2B8D-469E-88BC-BC28F89AAE3C} -
C:\PROGRA~1\CHACHA~1\CHACHA~1.DLL
O2 - BHO: Comcast Toolbar -
{4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} -
C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: Yahoo! IE Services Button -
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program
Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) -
{724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program
Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy -
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) -
{7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program
Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper -
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program
Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object -
{CA6319C0-31B7-401E-A518-A07C3DB8F777} -
c:\windows\system32\BAE.dll
O2 - BHO: OToolbarHelper Class -
{EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program
Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program
Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &RoboForm -
{724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program
Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Windows Live Toolbar -
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program
Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) -
{9FB3908C-6565-4CB0-95F8-E9F85258723C} - (no file)
O3 - Toolbar: ChaCha Search Toolbar -
{4E7BD74F-2B8D-469E-88BC-BC28F89AAE3C} -
C:\PROGRA~1\CHACHA~1\CHACHA~1.DLL
O3 - Toolbar: PayPal Plug-In -
{DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program
Files\PayPal\PayPal Plug-In\OToolbar.dll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar3.dll
O3 - Toolbar: Comcast Toolbar -
{4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} -
C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: McAfee SiteAdvisor -
{0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program
Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media
Reader\readericon45G.exe
O4 - HKLM\..\Run: [Recguard]
%WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder]
%WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Lexmark 4200 Series] "C:\Program
Files\Lexmark 4200 Series\lxbmbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program
Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [tgcmd] C:\Program
Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [MelaleucaWidget] "C:\Program
Files\Melaleuca Widget\MelaleucaWidget.exe"
O4 - HKLM\..\Run: [PrevxCSI] "C:\Program
Files\PrevxCSI\prevxcsi.exe" -boot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program
Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKCU\..\Run: [Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TeamOnPwpUpdater-TMPwpCli]
"C:\Program Files\TMobile\PwpUpdtr.exe" TMPwpCli
O4 - HKCU\..\Run: [updateMgr] C:\Program
Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
AcRdB7_0_9
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program
Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d
locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber
Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\RunOnce: [CheckNetworkConnection]
"C:\Program
Files\Support.com\providerComcast\desktopdoctor.exe" /flow
/flow=diagnosenetwork /trayclick=true
/haveconfirmedwiring=true /haverenewed=true
/haverestartedmodem=true /onrestart=true /havehealed=true
/issuenumber=549b8a8c-6637-4039-9183-4df44fefe5d7
O4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User
'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User
'Default user')
O4 - Startup: Melaleuca Widget Auto Update.lnk = C:\Program
Files\Melaleuca Widget\AutoUpdate.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program
Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: TrueAssistant.lnk = C:\Program
Files\TrueAssistant\TrueAssistant.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk =
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program
Files\BigFix\bigfix.exe
O4 - Global Startup: CallWave.lnk = C:\Program
Files\CallWave\IAM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program
Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search -
res://c:\program
files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -
res://c:\program
files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live
Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search -
file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links -
res://c:\program
files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: ChaCha Search -
file://C:\Documents and Settings\Owner\Application
Data\CHACHATOOLBAR\SelectedContextSearch_ChaCha
Search.htm
O8 - Extra context menu item: ChaCha Search with guide -
file://C:\Documents and Settings\Owner\Application
Data\CHACHATOOLBAR\SelectedContextSearch_ChaCha
Search with guide.htm
O8 - Extra context menu item: Customize Menu -
file://C:\Program Files\Siber Systems\AI
RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Open in new background tab -
res://C:\Program Files\Windows Live
Toolbar\Components\en-us\msntabres.dll.mui/229?de2c5d0850
cd4a8fb7f6c53cc774c7a1
O8 - Extra context menu item: Open in new foreground tab -
res://C:\Program Files\Windows Live
Toolbar\Components\en-us\msntabres.dll.mui/230?de2c5d0850
cd4a8fb7f6c53cc774c7a1
O8 - Extra context menu item: RoboForm Toolbar -
file://C:\Program Files\Siber Systems\AI
RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Similar Pages - res://c:\program
files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English -
res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps -
file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program
Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms -
{320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms -
{320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save -
{320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms -
{320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComSavePass.html
O9 - Extra button: Yahoo! Services -
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program
Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: RoboForm -
{724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar -
{724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program
Files\Siber Systems\AI
RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM -
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program
Files\AIM\aim.exe
O9 - Extra button: Real.com -
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program
Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program
Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.workathomeunited.com
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7}
(Microsoft ProgressBar Control, version 5.0 (SP2)) -
http://download.mcafee.com/molbin/Share ... /6,0,80,22
/ComCtl32.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
(YInstStarter Class) - C:\Program
Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
(Snapfish Activia) -
http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134}
(MySpace Uploader Control) -
http://lads.myspace.com/upload/MySpaceUploader.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
(McAfee.com Operating System Class) -
http://download.mcafee.com/molbin/share ... 4,0,0,101/
mcinsctl.cab
O16 - DPF: {50D05FAC-D462-4795-8818-738FCF776FBC}
(TMobile PwpClient DwnLdr Class) -
https://myemail.t-mobile.com/html/web/c ... /TMobile-P
wpClient.cab
O16 - DPF: {5F738800-9D2F-48CE-999B-B3D66C7E8D24}
(eWebEditProLibCtl5.eWEPLoader) -
http://www.responsemagic.com/ewebeditpr ... ditpro5.ca
b
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737}
(Windows Live Photo Upload Control) -
http://workfromhomejillpless.spaces.liv ... oUpload/Ms
nPUpld.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}
(InetDownload Class) -
https://media.pineconeresearch.com/Acti ... oadcontrol.
cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7}
(LinkSys Content Update) -
http://www.linksysfix.com/netcheck/67/i ... downls.cab
O16 - DPF: {B40B74C9-C9B3-445C-9397-EC8285292947}
(WebImageFX.WIFXLoader) -
http://www.responsemagic.com/ewebeditpr ... magefx.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3}
(Virtools WebPlayer Class) -
http://a532.g.akamai.net/f/532/6712/4h/ ... s.com/down
loads/player/Install3.0/Installer.exe
O16 - DPF: {DB1B4C3B-8690-43B2-9045-91EDA7A12580}
(eWebEditProLibCtl4.eWEPLoader) -
http://www.responsemagic.com/ewebeditpr ... ditpro4.ca
b
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6}
(McFreeScan Class) -
http://download.mcafee.com/molbin/iss-l ... ,2,0,5205/
mcfscan.cab
O22 - SharedTaskScheduler: end -
{aaad3a22-1c07-45f5-bfb3-e9a8c3b382fe} -
C:\WINDOWS\system32\fsehfcu.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft
AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program
Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) -
Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. -
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google -
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark
International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. -
C:\Program Files\Common
Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. -
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc.
- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. -
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. -
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) -
McAfee, Inc. -
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee,
Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee,
Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) -
McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. -
C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. -
C:\Program Files\Common Files\New
Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SiteAdvisor Service - Unknown owner -
C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint
Corporation - C:\Program
Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) -
http://us.i1.yimg.com/us.yimg.com/i/ww/beta/y3.gif
--
End of file - 20770 bytes