Hijack this log

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by srkergan, Jul 22, 2004.

  1. srkergan

    srkergan Private E-2

    Logfile of HijackThis v1.98.0
    Scan saved at 11:27:31 PM, on 7/21/2004
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...aults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\avfto.dll/sp.html#37049
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\avfto.dll/sp.html#37049
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\avfto.dll/sp.html#37049
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.shareware.us/srchasst.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
    R3 - Default URLSearchHook is missing
    O2 - BHO: Class - {990738A7-3E4B-EF17-0D61-F77B6D347DF9} - C:\WINDOWS\SYSTEM\APPDK.DLL (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
    O4 - HKLM\..\RunServices: [IPSZ.EXE] C:\WINDOWS\SYSTEM\IPSZ.EXE
    O4 - HKLM\..\RunServices: [D3CU.EXE] C:\WINDOWS\SYSTEM\D3CU.EXE
    O4 - HKLM\..\RunServices: [ADDMS.EXE] C:\WINDOWS\ADDMS.EXE
    O4 - HKLM\..\RunServices: [SDKSZ.EXE] C:\WINDOWS\SYSTEM\SDKSZ.EXE
    O4 - HKLM\..\RunServices: [SDKFA32.EXE] C:\WINDOWS\SYSTEM\SDKFA32.EXE
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKLM\..\RunOnce: [Registering itss.dll..] C:\WINDOWS\SYSTEM\regsvr32 /s itss.dll
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
    O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
    O16 - DPF: {3CC943C7-3C99-11D4-8135-0050041A5144} (RunExeActiveX.UserControl1) - file://C:\Program Files\Gateway\HelpSpot\RunExeActiveX.CAB
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
    O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1...tmeter4_5/nminstall_en_4.52.30.0_SILENT_2.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
    O21 - SSODL: AUHook - {BCBCD383-3E06-11D3-91A9-00C04F68105C} - C:\WINDOWS\SYSTEM\AUHOOK.DLL
    O21 - SSODL: systemie - {E306BC32-C52D-4CD4-BF9D-16E3243370C7} - (no file)
     
  2. NeoNemesis

    NeoNemesis Moutharrhea

  3. srkergan

    srkergan Private E-2

    We ran Ad-Aware, Spybot & CWShredder, among others.... This is what's left... still running bad.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Neo, you're correct, that is a procedure to be followed! But in this case we can already see the main problem is HomeSearchAssistant.

    srkergan,

    When did the problem begin? Your simplest solution may be to see if you have a good System Restore point prior to the date when the problem began.

    Take a look at this: http://support.microsoft.com/default.aspx?scid=kb;en-us;267951&Product=winme
     
  5. NeoNemesis

    NeoNemesis Moutharrhea

    R3 - Default URLSearchHook is missing
    O2 - BHO: Class - {990738A7-3E4B-EF17-0D61-F77B6D347DF9} - C:\WINDOWS\SYSTEM\APPDK.DLL (file missing)

    The fact that those files are missing seems like you tried to delete it but it came back. Looks a bit suspicious to me, but I'm not sure, so I'm just pointing this out for the real spyware person that comes here next.
     
  6. NeoNemesis

    NeoNemesis Moutharrhea

    Yeah, I know I'm new to looking over HijackThis logs, but since everyone is posting them on here I figured I would look them over and try to do some myself. The file I highlighted, I think, is that Home Search Assistant, because it looks like he tried to delete it and something is looking for it.
     
  7. NeoNemesis

    NeoNemesis Moutharrhea

    Since I'm just learning, I have a question.

    Where did you look to find out that it was the Home Search Assistant? I have been seeing a lot of stuff on Home Search Assistant, so I just wanted to know what it looked like so I could help others out.
     
  8. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Perhaps you should not offer support, since you cannot recognize a lot of spyware and have given some incorrect information in other threads. You're picking and choosing a single line, sometimes incorrectly, then missing a dozen bad lines. Sorry, sounds mean, but I am not sure you're helping at this point. When you tell someone to remove a single line and Chaslang comes in and shows them the correct lines, it's confusing and possibly problematic.

    He has HSA as shown here:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\avfto.dll/sp.html#37049
    and all similar lines.

    He needs About:Buster or HSremove and read up on some of the other threads here as to how to run them properly. He should not need Hijack This yet until he tries to run them from safe mode and clear this.
     
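The recognition rule Major Attitude gives above (a Search Page / Default_Search_URL value of the form res://C:\WINDOWS\system\<name>.dll/sp.html is the Home Search Assistant signature, and the log has more bad lines than the one NeoNemesis picked) can be turned into a small log triage script. The script below is an added example written for this page, not a tool from the thread or from the HijackThis author. It parses HijackThis-style lines, flags res:// search hijacks and reports which DLL they load from, lists registered components whose file is gone, and marks RunServices entries that launch a short executable dropped straight into C:\WINDOWS or C:\WINDOWS\SYSTEM for review. The sample lines are copied from the log posted above; the RunServices heuristic and the severity labels are this example's own assumptions, not something the thread states, and "review" means look at it, not "malware".

```python
import re
from dataclasses import dataclass

# Constructed input: a subset of the HijackThis entries posted in this thread, kept verbatim.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\avfto.dll/sp.html#37049
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\avfto.dll/sp.html#37049
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {990738A7-3E4B-EF17-0D61-F77B6D347DF9} - C:\WINDOWS\SYSTEM\APPDK.DLL (file missing)
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKLM\..\RunServices: [IPSZ.EXE] C:\WINDOWS\SYSTEM\IPSZ.EXE
O4 - HKLM\..\RunServices: [ADDMS.EXE] C:\WINDOWS\ADDMS.EXE
O21 - SSODL: systemie - {E306BC32-C52D-4CD4-BF9D-16E3243370C7} - (no file)
"""

# "R1 - <body>", "O4 - <body>" ...; anything else (header, process list) is skipped.
ENTRY_RE = re.compile(r"^(?P<kind>[RO]\d+) - (?P<body>.*)$")
# The HSA signature from this log: an IE search URL served as a res:// page out of a DLL under the Windows directory.
RES_DLL_RE = re.compile(r"^res://(?P<dll>[a-z]:\\windows\\[^/]+\.dll)/", re.IGNORECASE)
# O4 body layout: HKLM\..\RunServices: [Name] command
O4_RE = re.compile(r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# Heuristic (this example's assumption): a 2-8 character .exe sitting directly in C:\WINDOWS or C:\WINDOWS\SYSTEM.
BARE_SYSTEM_EXE_RE = re.compile(r"^[a-z]:\\windows\\(?:system\\)?(?P<file>[a-z0-9]{2,8}\.exe)$", re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    severity: str   # "hijack", "orphan" or "review"
    entry: str      # the HijackThis line that triggered it
    reason: str
    detail: str = ""  # DLL path for hijacks, executable name for review items


def analyse(log_text: str) -> list:
    """Return one Finding per suspicious HijackThis entry, in log order."""
    findings = []
    for raw in log_text.splitlines():
        entry = raw.strip()
        m = ENTRY_RE.match(entry)
        if not m:
            continue
        kind, body = m["kind"], m["body"]
        if kind in ("R0", "R1") and " = " in body:
            key, value = body.split(" = ", 1)
            r = RES_DLL_RE.match(value)
            if r:
                setting = key.rsplit(",", 1)[-1]
                findings.append(Finding("hijack", entry,
                    f"{setting} loads a res:// page from a DLL in the Windows directory", r["dll"]))
        elif kind in ("O2", "O3", "O21") and body.endswith(("(file missing)", "(no file)")):
            findings.append(Finding("orphan", entry,
                "registered component whose file is not on disk (dead entry or removal residue)"))
        elif kind == "O4":
            o = O4_RE.match(body)
            if o and o["key"] == "RunServices":
                e = BARE_SYSTEM_EXE_RE.match(o["cmd"].strip())
                # Only flag when the value name is just the file name, as in the posted log.
                if e and e["file"].lower() == o["name"].lower():
                    findings.append(Finding("review", entry,
                        "RunServices autostart named after a short executable dropped in the Windows directory", e["file"]))
    return findings


def hijacked_dlls(findings) -> set:
    """The DLL files the res:// search hijacks point at; these are what to look for in safe mode."""
    return {f.detail for f in findings if f.severity == "hijack"}


def summary(findings) -> dict:
    counts = {}
    for f in findings:
        counts[f.severity] = counts.get(f.severity, 0) + 1
    return counts


if __name__ == "__main__":
    results = analyse(SAMPLE_LOG)
    for f in results:
        print(f"[{f.severity}] {f.reason}\n    {f.entry}")
    print("hijack DLLs:", sorted(hijacked_dlls(results)))
    print("summary:", summary(results))
```

Run against the full log above, the script reports both res:// lines plus the HKLM Search Page line as hijacks, all pointing at the same avfto.dll, which is the file to chase after the browser settings are reset; the orphan list is worth a glance but, as the thread says, a missing file by itself is not the infection.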
  9. catracha0929

    catracha0929 Private E-2

    No, you ignored the tutorial and we will no longer help people who skipped it. Way too much work for us, no effort on your part.

    Finally, start your own thread when ready.

     
    Last edited by a moderator: Jul 22, 2004
  10. catracha0929

    catracha0929 Private E-2

    I did look at the tutorial. But there is this one thing that comes up that won't let me install my MSN Messenger 6.2.

    874793FC-5F43-496A-8FE7-18C4DB0B1439 HRESULT:-2147024864

    I have no idea what this is about. Can you please help?
     
  11. catracha0929

    catracha0929 Private E-2

    NEVER MIND! Thanks anyway! I was looking over the list and found something. Thanks so much!
     