Logfile of HijackThis v1.99.1
Scan saved at 12:59:39 PM, on 3/25/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe
C:\WINDOWS\SYSTEM\SPOOLSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\GWHOTKEY.EXE
C:\PROGRAM FILES\NAVISEARCH\BIN\NLS.EXE
C:\WINDOWS\SYSTEM\SRVC32.EXE
C:\PROGRAM FILES\TOPMOST CLOCK\TOPMOSTCLOCK.EXE
C:\PROGRAM FILES\WORDWEB\WWEB32.EXE
C:\PROGRAM FILES\IM\AIM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\HJC\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.search-exe.com/nph-
search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.search-exe.com/nph-
search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.makemesearch.com/?said=429
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-
search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.search-exe.com/nph-
search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.search-exe.com/nph-
search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.makemesearch.com/?said=429
R1 - HKCU\Software\Microsoft\Internet
Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-
search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-
search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://search.search-exe.com/nph-
search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://search.search-exe.com/nph-
search.cgi?tcode=exesrch1&look=stmpl1&fw=
R3 - URLSearchHook: (no name) - {D3B40389-5EE0-FEA1-8FA6-
6A25893250A3} - C:\WINDOWS\Keeylyny.dll
N3 - Netscape 7: user_pref("browser.startup.homepage",
"http://www.google.com/"); (C:\WINDOWS\Application
Data\Mozilla\Profiles\default\4bqshm5s.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins
%5CSBWeb_01.src"); (C:\WINDOWS\Application
Data\Mozilla\Profiles\default\4bqshm5s.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT
5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {CDB19DA0-57A2-0274-576A-F6C000ABE8A9} -
C:\WINDOWS\Keeylyny.dll
O2 - BHO: WebBho Class - {00041A26-7033-432C-94C7-6371DE343822} -
C:\PROGRAM FILES\SE\V11\SE.DLL
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-
3ECD647AA554} - C:\PROGRAM FILES\MYWAY\SRCHASTT\1.BIN\MYSRCHAS.DLL
O2 - BHO: Tubby - {9EAC0102-5E61-2312-BC2D-4D54434D5443} -
C:\WINDOWS\SYSTEM\MTC.DLL
O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-
8C3E1CE4B344} - C:\WINDOWS\SYSTEM\NVMS.DLL
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-717765728274} -
C:\WINDOWS\SYSTEM\WER8274.DLL
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9}
- C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: Search - {BCB9D6BE-8D5A-F228-3B13-448DFD88125C} -
C:\WINDOWS\Keeylyny.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Search Toolbar - {9EAC0102-5E61-2312-BC2D-
4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKLM\..\Run: [GRA] C:\Program Files\Gateway\gra\GRA.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -
atboottime
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [Search-Exe] "C:\PROGRAM FILES\SE\V11\SE.EXE" /H
O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye
Network\bin\bargains.exe
O4 - HKLM\..\Run: [Local runole service] C:\WINDOWS\System\srvc32.exe
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security
iGuard\Security iGuard.exe
O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Srv32 spool service]
C:\WINDOWS\System\spoolsrv32.exe
O4 - HKCU\..\Run: [TopmostClock] C:\Program Files\Topmost
Clock\TopMostClock.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM
FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O8 - Extra context menu item: &WordWeb... -
res://C:\WINDOWS\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-
00C0F0318AFE} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\PROGRAM FILES\IM\AIM.EXE
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-
A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {8D114E40-9C3D-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{8D114E40-9C3D-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {EF0503A0-9C45-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{EF0503A0-9C45-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {83A02B60-9C4C-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{83A02B60-9C4C-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {E6867E20-9C54-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{E6867E20-9C54-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {4B6D82E0-9C5D-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{4B6D82E0-9C5D-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {704F12E0-9C99-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{704F12E0-9C99-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-
B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {EB59FEA0-9BE5-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{EB59FEA0-9BE5-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {673FBD20-9BFA-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{673FBD20-9BFA-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {C98F0000-9C02-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{C98F0000-9C02-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2B411880-9C0B-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{2B411880-9C0B-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {8D3C6F00-9C13-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{8D3C6F00-9C13-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {EF288340-9C1B-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{EF288340-9C1B-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {511C38A0-9C24-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{511C38A0-9C24-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B30FEE00-9C2C-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{B30FEE00-9C2C-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2B253A00-9C35-
11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{2B253A00-9C35-11D9-A6DE-006008AF2354} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {8D114E40-9C3D-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{8D114E40-9C3D-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
(HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {EF0503A0-9C45-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{EF0503A0-9C45-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
(HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {83A02B60-9C4C-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{83A02B60-9C4C-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
(HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {E6867E20-9C54-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{E6867E20-9C54-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
(HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {4B6D82E0-9C5D-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{4B6D82E0-9C5D-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
(HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {704F12E0-9C99-
11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{704F12E0-9C99-11D9-A6DE-006008AF2354} - C:\WINDOWS\SYSTEM\WLDR.DLL
(HKCU)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime
Environment 1.4.1_02) -