Logfile of HijackThis v1.98.2
Scan saved at 12:44:39 PM, on 3/16/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCK.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCESS.EXE
C:\WINDOWS\ptsnoop.exe
C:\PROGRAM FILES\ADVANCED INTERNET ERASER\AIE.EXE
C:\WINDOWS\SYSTEM\RNOJHJS.EXE
C:\WINDOWS\APPLICATION DATA\NSAC.EXE
C:\WINDOWS\SYSTEM\MSMFILTER.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\WINDOWS\BOOTMINDER.EXE
C:\PROGRAM FILES\BHODEMON 2\BHODEMON.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\MY DOCUMENTS\HIJACK THIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lotteryamerica.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.mensactivism.org/
R3 - Default URLSearchHook is missing
N2 - Netscape 6: user_pref("browser.startup.homepage", "http://www.mensactivism.org/"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\9d2gywgv.slt\prefs.js)
N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%206%5Csearchplugins%5CSBWeb_02.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\9d2gywgv.slt\prefs.js)
O2 - BHO: (no name) - {263BC1E9-2B03-29FC-28D4-2287EAF1E9C9} - C:\WINDOWS\SYSTEM\HMTNHMT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN8\YCOMP5_5_7_0.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {0A8CE102-FA03-4612-9BEE-7FE5452F4CB1} - (no file)
O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [Security iGuard] C:\PROGRAM FILES\SECURITY IGUARD\SECURITY IGUARD.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [AIE] C:\PROGRAM FILES\ADVANCED INTERNET ERASER\AIE.exe
O4 - HKCU\..\Run: [Clock] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
O4 - HKCU\..\Run: [Fuyjco] C:\WINDOWS\SYSTEM\rnojhjs.exe
O4 - HKCU\..\Run: [Acuu] C:\WINDOWS\Application Data\nsac.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [bBrnRWYnR] MSMFILTER.EXE
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Bootminder 2.lnk = C:\WINDOWS\bootminder.exe
O4 - Startup: BHODemon 2.0.lnk = C:\Program Files\BHODemon 2\BHODemon.exe
O8 - Extra context menu item: &Anonymization - C:\WINDOWS\SYSTEM\sys32.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Anonymization.Net - {8B466019-1E6E-4552-A096-7C0A2876E50E} - C:\WINDOWS\SYSTEM\shdocvw.dll
O9 - Extra button: Microsoft AntiSpyware helper - {1F564000-95AC-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {1F564000-95AC-11D9-BAEC-00E006FC779B} - (no file)
O9 - Extra button: Microsoft AntiSpyware helper - {3BC7E100-9569-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3BC7E100-9569-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {8D370F60-9592-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {8D370F60-9592-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6E5A0060-9598-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6E5A0060-9598-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D7F884A0-959E-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D7F884A0-959E-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {EBFCEB20-959F-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {EBFCEB20-959F-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {7061BDA0-95A0-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7061BDA0-95A0-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B2F43220-95A9-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B2F43220-95A9-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B67F1120-95AA-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B67F1120-95AA-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {1F564000-95AC-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {1F564000-95AC-11D9-BAEC-00E006FC779B} - (no file) (HKCU)
O12 - Plugin for .cfm: C:\Program Files\Netscape\Communicator\Program\PLUGINS\nppl3260.dll
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.ysbweb.com
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fasta...oad/tgctlcm.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} (CParamWr Class) - http://toolbar.azese...l/azesearch.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c7.cab