Logfile of HijackThis v1.98.2
Scan saved at 10:38:01 PM, on 3/15/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\ptsnoop.exe
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\RNATHCHK.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\WINDOWS\SYSTEM\DLA\TFSWCTRL.EXE
C:\WINDOWS\SYSTEM\CMD32.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCK.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCESS.EXE
C:\WINDOWS\SYSTEM\BO2OADER.EXE
C:\PROGRAM FILES\ADVANCED INTERNET ERASER\AIE.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNOJHJS.EXE
C:\WINDOWS\APPLICATION DATA\NSAC.EXE
C:\WINDOWS\SYSTEM\MFCI2RC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\BOOTMINDER.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\INTFFDSRONSAD.EXE
C:\WINDOWS\SYSTEM\US3432XZCB.EXE
C:\MY DOCUMENTS\HIJACK THIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.mensactivism.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - Default URLSearchHook is missing
N2 - Netscape 6: user_pref("browser.startup.homepage", "http://www.mensactivism.org/"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\9d2gywgv.slt\prefs.js)
N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%206%5Csearchplugins%5CSBWeb_02.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\9d2gywgv.slt\prefs.js)
O2 - BHO: (no name) - {263BC1E9-2B03-29FC-28D4-2287EAF1E9C9} - C:\WINDOWS\SYSTEM\HMTNHMT.DLL
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O2 - BHO: (no name) - {EB1789BE-959E-11D9-BAEC-00E07AA11867} - C:\WINDOWS\SYSTEM\BFLGC.DLL
O2 - BHO: (no name) - {0F9561D0-03B2-44a3-89A6-E95E417CBA25} - C:\WINDOWS\CERBMOD.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN8\YCOMP5_5_7_0.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {0A8CE102-FA03-4612-9BEE-7FE5452F4CB1} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Tray Temperature] C:\WINDOWS\TEMP\MINIBUG.EXE 1
O4 - HKLM\..\Run: [lmu] C:\WINDOWS\LMU.exe
O4 - HKLM\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
O4 - HKLM\..\Run: [skcdhth] c:\windows\system\skcdhth.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\SYSTEM\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [Security iGuard] C:\PROGRAM FILES\SECURITY IGUARD\SECURITY IGUARD.EXE
O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
O4 - HKLM\..\Run: [qs8h36U] BO2OADER.EXE
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\SYSTEM\ap9h4qmo.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [AIE] C:\PROGRAM FILES\ADVANCED INTERNET ERASER\AIE.exe
O4 - HKCU\..\Run: [Clock] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
O4 - HKCU\..\Run: [Fuyjco] C:\WINDOWS\SYSTEM\rnojhjs.exe
O4 - HKCU\..\Run: [Acuu] C:\WINDOWS\Application Data\nsac.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [bBrnRWYnR] MFCI2RC.EXE
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Bootminder 2.lnk = C:\WINDOWS\bootminder.exe
O8 - Extra context menu item: &Anonymization - C:\WINDOWS\SYSTEM\sys32.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Anonymization.Net - {8B466019-1E6E-4552-A096-7C0A2876E50E} - C:\WINDOWS\SYSTEM\shdocvw.dll
O9 - Extra button: Microsoft AntiSpyware helper - {D7F884A0-959E-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D7F884A0-959E-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra button: Microsoft AntiSpyware helper - {EBFCEB20-959F-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {EBFCEB20-959F-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra button: Microsoft AntiSpyware helper - {7061BDA0-95A0-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7061BDA0-95A0-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra button: Microsoft AntiSpyware helper - {3BC7E100-9569-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3BC7E100-9569-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {8D370F60-9592-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {8D370F60-9592-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6E5A0060-9598-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6E5A0060-9598-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D7F884A0-959E-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D7F884A0-959E-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {EBFCEB20-959F-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {EBFCEB20-959F-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {7061BDA0-95A0-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7061BDA0-95A0-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O12 - Plugin for .cfm: C:\Program Files\Netscape\Communicator\Program\PLUGINS\nppl3260.dll
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fasta...oad/tgctlcm.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} (CParamWr Class) - http://toolbar.azese...l/azesearch.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c7.cab
O18 - Filter: text/html - {799DE9A0-9598-11D9-BAEC-00E057F3CE01} - C:\WINDOWS\SYSTEM\BFLGC.DLL
O18 - Filter: text/plain - {799DE9A0-9598-11D9-BAEC-00E057F3CE01} - C:\WINDOWS\SYSTEM\BFLGC.DLL
again if anyone there,please help me.