Logfile of HijackThis v1.98.0
Scan saved at 6:43:42 PM, on 9/11/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe
C:\Program Files\CasinoOnline\CsRemnd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\Aluria Software\DrSpeed Suite\drspeed.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
C:\Program Files\Aluria Software\ASE\ASE Scheduler.exe
C:\PROGRA~1\NORTON~1\navw32.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://law.quinnipiac.edu/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
R3 - Default URLSearchHook is missing
O1 - Hosts: 64.158.223.128 adfarm.mediaplex.com
O1 - Hosts: 38.119.65.141 ads.morpheus.com
O1 - Hosts: 64.12.180.86 aimtoday.aol.com
O1 - Hosts: 66.218.71.188 baseball.fantasysports.yahoo.com
O1 - Hosts: 69.44.114.16 c1.zedo.com
O1 - Hosts: 69.50.191.148 c1dcon.d8t.biz
O1 - Hosts: 195.225.177.22 c1dcon.ewizard.cc
O1 - Hosts: 66.135.204.10 cgi.ebay.com
O1 - Hosts: 64.236.22.12 cl.cnn.com
O1 - Hosts: 66.228.192.50 clicks.traffictrader.net
O1 - Hosts: 205.188.243.184 client.mapquest.com
O1 - Hosts: 24.30.203.17 content.rr.com
O1 - Hosts: 207.25.71.24 dynamic.si.cnn.com
O1 - Hosts: 216.109.127.6 edit.yahoo.com
O1 - Hosts: 199.181.132.140 espn.go.com
O1 - Hosts: 205.188.135.213 esupport.aol.com
O1 - Hosts: 24.137.12.200 forums.techguy.org
O1 - Hosts: 64.12.144.53 free.aol.com
O1 - Hosts: 192.152.243.90 law.quinnipiac.edu
O1 - Hosts: 216.136.229.11 linksys.custhelp.com
O1 - Hosts: 216.109.127.60 login.yahoo.com
O1 - Hosts: 216.10.124.76 mktg.roadrunner.com
O1 - Hosts: 205.188.187.89 my.screenname.aol.com
O1 - Hosts: 216.109.126.22 my.yahoo.com
O1 - Hosts: 63.236.66.7 mysearch.myway.com
O1 - Hosts: 209.87.178.244 nct.symantecstore.com
O1 - Hosts: 69.44.114.23 newyork.yankees.mlb.com
O1 - Hosts: 64.124.56.49 nike.ask.com
O1 - Hosts: 69.44.114.33 niketown.nike.com
O1 - Hosts: 198.87.0.105 people-data.com
O1 - Hosts: 207.25.71.173 polls.cnnsi.com
O1 - Hosts: 207.250.236.120 pops.freeze.com
O1 - Hosts: 12.129.205.120 popups.ad-logics.com
O1 - Hosts: 64.5.217.241 prizeamerica.aavalue.com
O1 - Hosts: 199.181.132.87 proxy.espn.go.com
O1 - Hosts: 209.67.153.20 quinnipiacbobcats.collegesports.com
O1 - Hosts: 207.250.236.107 register.freeze.com
O1 - Hosts: 198.6.49.101 renewalcenter.symantec.com
O1 - Hosts: 205.188.180.120 search.aol.com
O1 - Hosts: 66.135.210.135 search.ebay.com
O1 - Hosts: 206.204.52.17 search.symantec.com
O1 - Hosts: 66.218.71.233 search.yahoo.com
O1 - Hosts: 66.135.194.135 search-lvm.ebay.com
O1 - Hosts: 206.65.174.7 seattlepi.nwsource.com
O1 - Hosts: 217.75.98.7 securityresponse.symantec.com
O1 - Hosts: 198.6.49.121 service1.symantec.com
O1 - Hosts: 199.181.132.245 sports.espn.go.com
O1 - Hosts: 216.109.126.241 sports.yahoo.com
O1 - Hosts: 207.25.71.142 sportsillustrated.cnn.com
O1 - Hosts: 38.119.65.139 start.morpheus.com
O1 - Hosts: 205.188.238.103 subs.timeinc.net
O1 - Hosts: 64.40.109.82 thegolfcourses.net
O1 - Hosts: 207.46.156.121 v4.windowsupdate.microsoft.com
O1 - Hosts: 66.55.136.94 vn.msie.tv
O1 - Hosts: 205.188.139.184 webmail.aol.com
O1 - Hosts: 66.35.229.145 webpdp.gator.com
O1 - Hosts: 66.230.167.226
www.008k.com
O1 - Hosts: 205.188.135.105
www.aim.com
O1 - Hosts: 64.94.239.33
www.aluriasoftware.com
O1 - Hosts: 207.171.170.19
www.amazon.co.uk
O1 - Hosts: 69.42.75.142
www.amazon-x.com
O1 - Hosts: 66.115.188.11
www.ampland.com
O1 - Hosts: 204.127.166.136
www.anywho.com
O1 - Hosts: 205.188.145.214
www.aol.com
O1 - Hosts: 216.71.203.71
www.basketballteamuniforms.com
O1 - Hosts: 209.128.108.221
www.bellaonline.com
O1 - Hosts: 216.92.177.122
www.bestscreensavers.com
O1 - Hosts: 68.72.72.11
www.bigeast.org
O1 - Hosts: 209.11.49.183
www.billboard.com
O1 - Hosts: 69.9.172.47
www.bluepistons.com
O1 - Hosts: 209.119.77.1
www.bowlinggreengolf.com
O1 - Hosts: 209.148.221.20
www.canadastarboxing.com
O1 - Hosts: 204.71.20.123
www.cityofnewhaven.com
O1 - Hosts: 216.121.96.225
www.clubct.com
O1 - Hosts: 67.100.215.226
www.college-football-jerseys.info
O1 - Hosts: 216.193.211.145
www.collegehoopsnet.com
O1 - Hosts: 164.109.28.3
www.comcast.com
O1 - Hosts: 63.240.76.72
www.comcast.net
O1 - Hosts: 69.0.228.223
www.comcast-ne.com
O1 - Hosts: 208.42.89.60
www.costcutters.com
O1 - Hosts: 12.130.91.12
www.ctnow.com
O1 - Hosts: 216.37.47.224
www.culinarymenus.com
O1 - Hosts: 66.135.192.87
www.ebay.com
O1 - Hosts: 64.156.187.113
www.expage.com
O1 - Hosts: 66.35.204.10
www.findlaw.com
O1 - Hosts: 164.62.7.30
www.ftc.gov
O1 - Hosts: 66.28.176.251
www.fvotd.com
O1 - Hosts: 81.211.105.20
www.ga31.com
O1 - Hosts: 66.163.161.45
www.gametimeusa.com
O1 - Hosts: 66.218.77.68
www.geocities.com
O1 - Hosts: 216.239.41.99
www.google.com
O1 - Hosts: 69.0.68.75
www.hamden.com
O1 - Hosts: 24.30.204.14
www.help.rr.com
O1 - Hosts: 66.162.58.150
www.hot97.com
O1 - Hosts: 69.93.53.43
www.hqmovs.com
O1 - Hosts: 69.44.114.25
www.ikea.com
O1 - Hosts: 192.71.68.42
www.ikea-usa.com
O1 - Hosts: 66.221.197.177
www.infonewhaven.com
O1 - Hosts: 165.193.123.186
www.infoplease.com
O1 - Hosts: 205.134.174.212
www.interracialunited.com
O1 - Hosts: 63.217.29.242
www.intimatediary.com
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: @msdxmLC.dll,
[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\\winampa.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [Remndr] "C:\Program Files\CasinoOnline\CsRemnd.exe"
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [msmc] C:\WINNT\system32\msmc.exe
O4 - Startup: ASE Scheduler.lnk = C:\Program Files\Aluria Software\ASE\ASE Scheduler.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: Dr.Speed NetRx.lnk = C:\Program Files\Aluria Software\DrSpeed Suite\drspeed.exe
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.aol.com
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) -
http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) -
https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) -
https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) -
http://www.pcpitstop.com/antivirus/PitPav.cab