A
Annalee
A few days ago, I recieved a 1752 error. By looking on the net, I wa
able to fix it. At least I thought so. The next day I got a 38
error. I tried to same things to fix it, and while things are better
they are still crazy. Now explorer.exe won't show up in task manager
some of the graphics are strange looking, and my spyware scanne
(xoftspy) won't open. Everything else is fine, at least as far as
can tell. I got that hijackthis program and it said to post the lo
for someone to look at so I looked you guys up. I hope you can hel
me or at least point me in the right direction
Below is my log
Thanks
Annale
Logfile of HijackThis v1.99.
Scan saved at 5:45:22 PM, on 5/12/200
Platform: Windows XP SP2 (WinNT 5.01.2600
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180
Running processes
C:\WINDOWS\System32\smss.ex
C:\WINDOWS\system32\csrss.ex
C:\WINDOWS\system32\services.ex
C:\WINDOWS\system32\lsass.ex
C:\WINDOWS\system32\Ati2evxx.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\System32\svchost.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\system32\LEXBCES.EX
C:\WINDOWS\system32\LEXPPS.EX
C:\WINDOWS\system32\spoolsv.ex
C:\WINDOWS\system32\Ati2evxx.ex
C:\Program Files\CyberLink\PowerDVD\PDVDServ.ex
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.ex
C:\WINDOWS\zHotkey.ex
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.ex
C:\WINDOWS\system32\wdfmgr.ex
C:\Program Files\ATI Multimedia\main\ATIDtct.EX
C:\Program Files\Common Files\Microsoft Shared\Work
Shared\WkUFind.ex
C:\WINDOWS\system32\rundll32.ex
C:\Program Files\Common Files\Real\Update_OB\realsched.ex
C:\WINDOWS\SOUNDMAN.EX
C:\WINDOWS\ALCWZRD.EX
C:\WINDOWS\system32\brmfrsmq.ex
C:\windows\system32\taskmgn.ex
C:\Program Files\ATI Multimedia\main\launchpd.ex
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.ex
C:\Program Files\Internet Explorer\IEXPLORE.EX
C:\Program Files\Internet Explorer\IEXPLORE.EX
C:\WINDOWS\system32\wuauclt.ex
C:\Documents and Settings\Owner\Desktop\HijackThis.ex
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderNam
=
R3 - Default URLSearchHook is missin
F2 - REG:system.ini: Shell=explorer.exe
"C:\Program Files\Common Files\Microsoft Shared\We
Folders\ibm00012.exe
O1 - Hosts: 205.238.40.1 winmx.co
O1 - Hosts: 205.238.40.1 www.winmx.co
O1 - Hosts: 205.238.40.1 err.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3315.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3316.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3317.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3318.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3319.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3315.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3316.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3317.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3318.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3319.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3315.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3316.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3317.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3318.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3319.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1304.winmx.com
O2 - BHO: Yahoo! Companion BHO -
{02478D38-C3F9-4efb-9B51-7695ECA05670} -
C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no
file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no
file)
O3 - Toolbar: &Yahoo! Companion -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut]
HDAShCut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch
Jukebox\mmtask.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI
Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATI DeviceDetect] C:\Program Files\ATI
Multimedia\main\ATIDtct.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program
Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
-k
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [rock] rock.exe
O4 - HKLM\..\Run: C:\WINDOWS\system32\brmfrsmq.exe
O4 - HKLM\..\Run: [Windows Task Manager]
c:\windows\system32\taskmgn.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe
O4 - HKLM\..\RunServices: [brmfrsmq] C:\WINDOWS\system32\brmfrsmq.exe
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI
Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI
Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [WinMX] C:\Program Files\WinMX\WinMX.exe -m
O4 - HKCU\..\Run: [brmfrsmq] C:\WINDOWS\system32\brmfrsmq.exe
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe
O4 - HKCU\..\Run: [shell] "C:\Program Files\Common
Files\Microsoft Shared\Web Folders\ibm00012.exe"
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents
and Settings\Owner\Local
Settings\Temp\{4EF96FC6-F34B-48D4-9C05-B9F384D8FF10}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Startup: RollerCoaster Tycoon 3_ Cape Typhoon Registration.lnk =
C:\Documents and Settings\Owner\Local
Settings\Temp\{43F20F17-F5FA-4093-9765-3F97D38CBE48}\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}\ATR1.exe
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler
daemon.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\PrintMaster
16\pmremind.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program
Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program
Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD}
- C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}
- C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.gateway.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download
Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
-
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131762849203
O20 - Winlogon Notify: ddayw - ddayw.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: xptptt - C:\WINDOWS\SYSTEM32\xptptt.dll
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner -
C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. -
C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner -
C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
able to fix it. At least I thought so. The next day I got a 38
error. I tried to same things to fix it, and while things are better
they are still crazy. Now explorer.exe won't show up in task manager
some of the graphics are strange looking, and my spyware scanne
(xoftspy) won't open. Everything else is fine, at least as far as
can tell. I got that hijackthis program and it said to post the lo
for someone to look at so I looked you guys up. I hope you can hel
me or at least point me in the right direction
Below is my log
Thanks
Annale
Logfile of HijackThis v1.99.
Scan saved at 5:45:22 PM, on 5/12/200
Platform: Windows XP SP2 (WinNT 5.01.2600
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180
Running processes
C:\WINDOWS\System32\smss.ex
C:\WINDOWS\system32\csrss.ex
C:\WINDOWS\system32\services.ex
C:\WINDOWS\system32\lsass.ex
C:\WINDOWS\system32\Ati2evxx.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\System32\svchost.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\system32\LEXBCES.EX
C:\WINDOWS\system32\LEXPPS.EX
C:\WINDOWS\system32\spoolsv.ex
C:\WINDOWS\system32\Ati2evxx.ex
C:\Program Files\CyberLink\PowerDVD\PDVDServ.ex
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.ex
C:\WINDOWS\zHotkey.ex
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.ex
C:\WINDOWS\system32\wdfmgr.ex
C:\Program Files\ATI Multimedia\main\ATIDtct.EX
C:\Program Files\Common Files\Microsoft Shared\Work
Shared\WkUFind.ex
C:\WINDOWS\system32\rundll32.ex
C:\Program Files\Common Files\Real\Update_OB\realsched.ex
C:\WINDOWS\SOUNDMAN.EX
C:\WINDOWS\ALCWZRD.EX
C:\WINDOWS\system32\brmfrsmq.ex
C:\windows\system32\taskmgn.ex
C:\Program Files\ATI Multimedia\main\launchpd.ex
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.ex
C:\Program Files\Internet Explorer\IEXPLORE.EX
C:\Program Files\Internet Explorer\IEXPLORE.EX
C:\WINDOWS\system32\wuauclt.ex
C:\Documents and Settings\Owner\Desktop\HijackThis.ex
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderNam
=
R3 - Default URLSearchHook is missin
F2 - REG:system.ini: Shell=explorer.exe
"C:\Program Files\Common Files\Microsoft Shared\We
Folders\ibm00012.exe
O1 - Hosts: 205.238.40.1 winmx.co
O1 - Hosts: 205.238.40.1 www.winmx.co
O1 - Hosts: 205.238.40.1 err.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3315.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3316.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3317.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3318.z1301.winmx.co
O1 - Hosts: 82.195.155.5 c3319.z1301.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3315.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3316.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3317.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3318.z1302.winmx.co
O1 - Hosts: 82.195.155.5 c3319.z1302.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3315.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3316.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3317.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3318.z1303.winmx.co
O1 - Hosts: 82.195.155.5 c3319.z1303.winmx.co
O1 - Hosts: 205.238.40.1 c3310.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3311.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3312.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3313.z1304.winmx.co
O1 - Hosts: 205.238.40.1 c3314.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1304.winmx.com
O2 - BHO: Yahoo! Companion BHO -
{02478D38-C3F9-4efb-9B51-7695ECA05670} -
C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no
file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no
file)
O3 - Toolbar: &Yahoo! Companion -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut]
HDAShCut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch
Jukebox\mmtask.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI
Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATI DeviceDetect] C:\Program Files\ATI
Multimedia\main\ATIDtct.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program
Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
-k
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [rock] rock.exe
O4 - HKLM\..\Run: C:\WINDOWS\system32\brmfrsmq.exe
O4 - HKLM\..\Run: [Windows Task Manager]
c:\windows\system32\taskmgn.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe
O4 - HKLM\..\RunServices: [brmfrsmq] C:\WINDOWS\system32\brmfrsmq.exe
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI
Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI
Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [WinMX] C:\Program Files\WinMX\WinMX.exe -m
O4 - HKCU\..\Run: [brmfrsmq] C:\WINDOWS\system32\brmfrsmq.exe
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe
O4 - HKCU\..\Run: [shell] "C:\Program Files\Common
Files\Microsoft Shared\Web Folders\ibm00012.exe"
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents
and Settings\Owner\Local
Settings\Temp\{4EF96FC6-F34B-48D4-9C05-B9F384D8FF10}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Startup: RollerCoaster Tycoon 3_ Cape Typhoon Registration.lnk =
C:\Documents and Settings\Owner\Local
Settings\Temp\{43F20F17-F5FA-4093-9765-3F97D38CBE48}\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}\ATR1.exe
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler
daemon.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\PrintMaster
16\pmremind.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program
Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary -
file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program
Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD}
- C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}
- C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.gateway.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download
Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
-
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131762849203
O20 - Winlogon Notify: ddayw - ddayw.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: xptptt - C:\WINDOWS\SYSTEM32\xptptt.dll
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner -
C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. -
C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner -
C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)