Platform: Windows 98 SE (Win9x 4.10.2222A)
[full path to filename] [file version] [company name]
C:\WINDOWS\SYSTEM\KERNEL32.DLL 4.10.0.2222 Microsoft Corporation
C:\WINDOWS\SYSTEM\MSGSRV32.EXE 4.10.0.2222 Microsoft Corporation
C:\WINDOWS\SYSTEM\MPREXE.EXE 4.10.0.1998 Microsoft Corporation
C:\WINDOWS\SYSTEM\MSTASK.EXE 4.71.1972.1 Microsoft Corporation
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE 9.0.0.10 Networks Associates Technology, Inc
C:\WINDOWS\SYSTEM\mmtask.tsk 4.3.0.1998 Microsoft Corporation
C:\WINDOWS\EXPLORER.EXE 4.72.3110.1 Microsoft Corporation
C:\WINDOWS\SYSTEM\SYSTRAY.EXE 4.10.0.2222 Microsoft Corporation
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE 1.0.0.1 Hewlett-Packard
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE 9.0.0.7 Networks Associates Technology, Inc
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE 5.0.0.2 McAfee, Inc
C:\WINDOWS\ptsnoop.exe
C:\PROGRAM FILES\MCAFEE\MCAFEE ANTISPYWARE\MSSCLI.EXE 1.0.1117.0 Network Associates, Inc.
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE 9.0.0.8 Networks Associates Technology, Inc
C:\WINDOWS\SYSTEM\STIMON.EXE 4.10.0.2222 Microsoft Corporation
C:\WINDOWS\SYSTEM\WMIEXE.EXE 5.0.1755.1 Microsoft Corporation
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\HI\MSNAPPAU.EXE 1.2.3000.1001 Microsoft Corporation
C:\WINDOWS\SYSTEM\SPOOL32.EXE 4.10.0.1998 Microsoft Corporation
C:\WINDOWS\RUNDLL32.EXE 4.10.0.1998 Microsoft Corporation
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE 9.0.0.0 Networks Associates Technology, Inc
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE 6.0.2800.1106 Microsoft Corporation
C:\WINDOWS\SYSTEM\DDHELP.EXE 4.9.0.900 Microsoft Corporation
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE 6.0.2800.1106 Microsoft Corporation
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE 1.98.0.2 Soeperman Enterprises Ltd.
Logfile of HijackThis v1.98.2
Scan saved at 2:38:32 PM, on 3/20/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\WINDOWS\ptsnoop.exe
C:\PROGRAM FILES\MCAFEE\MCAFEE ANTISPYWARE\MSSCLI.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\HI\MSNAPPAU.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotoffers.info/253/
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\HI\MSNTB.DLL (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [McRegWiz] C:\Program Files\McAfee.com\Agent\McRegWiz.exe /autorun
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [_AntiSpyware] C:\PROGRAM FILES\MCAFEE\MCAFEE ANTISPYWARE\MssCli.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe -quiet
O4 - HKCU\..\Run: [winltmpv] c:\windows\nvsvwc.exe
O4 - HKCU\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe
O4 - HKCU\..\RunServices: [Yahoo! Pager] C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe -quiet
O4 - HKCU\..\RunServices: [winltmpv] c:\windows\nvsvwc.exe
O4 - HKCU\..\RunServices: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe
O8 - Extra context menu item: Download with FlashGet - F:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All with FlashGet - F:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - Extra context menu item: Download using LeechGet Wizard - file://D:\PROGRAM FILES\LEECHGET 2004\\Wizard.html
O8 - Extra context menu item: Download using LeechGet - file://D:\PROGRAM FILES\LEECHGET 2004\\AddUrl.html
O8 - Extra context menu item: Parse with LeechGet - file://D:\PROGRAM FILES\LEECHGET 2004\\Parser.html
O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRAM FILES\GO!ZILLA\download-with-gozilla.html
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll