Logfile of HijackThis v1.99.1
Scan saved at 4:52:17 PM, on 7/11/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\WINDOWS\SYSTEM\ELITEGEN32.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\WDW3Y505\HIJACKTHIS[1].EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.foofighters.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://red.clientapps.yahoo.com/cust...//my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by EarthLink, Inc.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=172.16.0.254
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{44F9B173-041C-4825-A9B9-D914BD9DCBB3} - (no file)
O1 - Hosts: 65.120.116.172 mini.aimster.com
O1 - Hosts: 65.120.116.174
www.aimster.com
O1 - Hosts: 65.120.116.173 lite.aimster.com
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McAgent.exe
O4 - HKLM\..\Run: [checkrun] C:\WINDOWS\SYSTEM\ELITEGEN32.EXE
O4 - Startup: Reminder-hpc40415.lnk = C:\Program Files\HP PhotoSmart\C200 Camera\Registration\Remind32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O10 - Broken Internet access because of LSP provider 'c:\windows\system\cslsp.dll' missing
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .com/VGApp/pe/Statements?FW_Event=DOWNLOAD_IMAGE&pageType=PDF: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: Dialpad US Java Applet -
http://www.dialpad.com/applet/src/vscp.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) -
http://launch.gamespyarcade.com/soft...ch/alaunch.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/62...ridge-c445.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -
http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
O16 - DPF: DigiChat Applet -
http://host4.digichat.com/DigiChat/D.../Client_IE.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = earthlink.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 207.217.77.82,192.168.0.102,207.217.120.83
PC Help Forum
» Security & Safety
» [Fixed] Hijackthis! Logs
»
[FIXED] My problem with the Spyware
[FIXED] My problem with the Spyware
> 
Linear Mode
