Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:07:00 AM, on 2/21/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Winamp5.52\winampa.exe
C:\Program Files\Moon Phase\moon.exe
C:\Program Files\Moon Phase\moon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.lycos.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.worldwinner.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
F2 - REG:system.ini: UserInit=C:\WINNT\System32\Userinit.exe,SKEYS /I
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: (no name) - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: MyLogoHelper - {EA4587EB-3106-448a-8B31-F1572E981765} - C:\PROGRA~1\EDENSO~1\MyLogo.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp5.52\winampa.exe"
O4 - HKCU\..\Run: [New application] "C:\Program Files\Moon Phase\moon.exe"
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Search with &Google - C:\Documents and Settings\doc\Application Data\TuneUp Software\TuneUp Utilities\Web\gsearch.tui
O8 - Extra context menu item: View old version at &archives.org - C:\Documents and Settings\doc\Application Data\TuneUp Software\TuneUp Utilities\Web\tuarch.tui
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nwprovau.dll
O12 - Plugin for .ASP: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Buckaroo Blackjack TM by pogo -
O16 - DPF: Checkers by pogo -
O16 - DPF: Dice Derby by pogo -
O16 - DPF: Fortune Bingo by pogo -
O16 - DPF: Greenback Bayou by pogo -
O16 - DPF: Hearts by pogo -
O16 - DPF: Jungle Gin by pogo -
O16 - DPF: Mah Jong Garden by pogo -
O16 - DPF: Multiline Slots by pogo -
O16 - DPF: Perfect Pair Solitaire by pogo -
O16 - DPF: Squelchies by pogo -
O16 - DPF: Tri-Peaks by pogo -
O16 - DPF: World Class Solitaire by pogo -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) -
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203593472087
O16 - DPF: {72C9EA8F-8965-40C2-ABAD-D460A5815F86} -
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} -
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} -
O16 - DPF: {A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6} (AOL YGP Screensaver) -
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
O16 - DPF: {B9F3009B-976B-41C4-A992-229DCCF3367C} (CoAxTrack Class) -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} -
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} -
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O24 - Desktop Component 0: (no name) - file:///C:/Documents%20and%20Settings/doc/My%20Documents/vampiress_slc/ME/spookey%20images.jpg

--
End of file - 6426 bytes