A
alfguy
I am running Windows ME. I recently switched from dialup to wireless. I was
not able to be home at the time it was installed. So when I went to outlook
it would still dial up. I called my ISP tech support and they walked me
through deleting my dial up connection and all of the settings. They said
everthing was correct but I get an error message 0X800CC90 everytime. They
said something was wrong with my Outlook. It always worked great with my
dialup. I am inclosing a hijack this and startdreck. Please help if you can.
-- Logfile of HijackThis v1.99.1
Scan saved at 2:59:46 AM, on 2/7/2006
Platform: Windows ME (Win9x 4.90.3000)StartDreck (build 2.1.7 public stable)
- 2006-02-07 @ 03:01:51 (GMT -06:00)
Platform: Windows ME (Win 4.90.3000 )
Internet Explorer: 6.0.2800.1106
Logged in as User1 at X4K3X2
»Registry
»Run Keys
»Current User
»Run
*Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
*MsnMsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
*Start WingMan Profiler="C:\Program Files\Logitech\Profiler\lwtest.exe"
/detect /quiet /launch "C:\Program Files\Logitech\Profiler\lwemon.exe /noui"
»RunOnce
»Default User
»Run
*Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
*MsnMsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
*Start WingMan Profiler="C:\Program Files\Logitech\Profiler\lwtest.exe"
/detect /quiet /launch "C:\Program Files\Logitech\Profiler\lwemon.exe /noui"
»RunOnce
»Local Machine
»Run
*AVG7_EMC=C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
*ScanRegistry=C:\WINDOWS\scanregw.exe /autorun
*TaskMonitor=C:\WINDOWS\taskmon.exe
*PCHealth=C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
*SystemTray=SysTray.Exe
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*QuickTime Task="C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
*PE2CKFNT SE=C:\Program Files\Ulead Systems\Ulead Photo Express 2
SE\ChkFont.exe
*LexStart=lexstart.exe
*LoadQM=loadqm.exe
»RunOnce
»RunServices
*RegisterDropHandler=C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
*StillImageMonitor=C:\WINDOWS\SYSTEM\STIMON.EXE
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*KB891711=C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
**StateMgr=C:\WINDOWS\System\Restore\StateMgr.exe
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»Browser Helper Objects (LM)
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=C:\PROGRAM FILES\ADOBE\ACROBAT
6.0\READER\ACTIVEX\ACROIEHELPER.DLL
*WindowsIE.clsIS/{2E12B523-3D4C-4FAC-9B04-0376A8F5E879}
`InprocServer32=C:\WINDOWS\WINDOWSIE.DLL
»Files
»System/Drivers
»Running Processes
+FFEF6FA7=C:\WINDOWS\SYSTEM\KERNEL32.DLL
+FFFF2747=C:\WINDOWS\SYSTEM\MSGSRV32.EXE
+FFFF8753=C:\WINDOWS\SYSTEM\mmtask.tsk
+FFFFBD17=C:\WINDOWS\SYSTEM\MPREXE.EXE
+FFFE7DBB=C:\WINDOWS\SYSTEM\STIMON.EXE
+FFFE60AF=C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
+FFFE4047=C:\WINDOWS\EXPLORER.EXE
+FFFEA757=C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
+FFFD18B3=C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
+FFFDB9F3=C:\WINDOWS\TASKMON.EXE
+FFFC48BB=C:\WINDOWS\SYSTEM\SYSTRAY.EXE
+FFFC3267=C:\WINDOWS\LOADQM.EXE
+FFFCC4D7=C:\WINDOWS\SYSTEM\LEXBCES.EXE
+FFFCC2CF=C:\WINDOWS\SYSTEM\WMIEXE.EXE
+FFFB1DE7=C:\WINDOWS\SYSTEM\RPCSS.EXE
+FFFB83FB=C:\PROGRAM FILES\WEBSHOTS\WEBSHOTS.SCR
+FFFB1B97=C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS
SHARED\WKCALREM.EXE
+FFFD35F3=C:\WINDOWS\SYSTEM\DDHELP.EXE
+FFF98B0F=C:\WINDOWS\SYSTEM\LEXPPS.EXE
+FFF9B2CB=C:\PROGRAM FILES\LOGITECH\PROFILER\LWEMON.EXE
+FFF8447F=C:\WINDOWS\SYSTEM\PSTORES.EXE
+FFFEAC03=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
+FFF63D57=C:\MY DOCUMENTS\STARTDRECK\STARTDRECK.EXE
»Application specific
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\WEBSHOTS\WEBSHOTS.SCR
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\PROGRAM FILES\LOGITECH\PROFILER\LWEMON.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.com/0SEENUS/SAOS13
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.wmtel.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = http://localhost
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src");
(C:\WINDOWS\Application Data\Mozilla\Profiles\default\z6v3hh1z.slt\prefs.js)
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 82.195.155.5 test3201.winmx.com test3203.winmx.com
test3205.winmx.com test3207.winmx.com
O1 - Hosts: 212.227.64.149 test3202.winmx.com test3204.winmx.com
test3206.winmx.com test3208.winmx.com
O1 - Hosts: 67.18.233.36 c3310.z1301.winmx.com c3310.z1302.winmx.com
c3312.z1305.winmx.com c3312.z1306.winmx.com c3313.z1303.winmx.com
c3313.z1304.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com
c3316.z1305.winmx.com c3316.z1306.winmx.com c3317.z1303.winmx.com
c3317.z1304.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com
c3318.z1305.winmx.com c3318.z1306.winmx.com c3319.z1303.winmx.com
c3319.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3310.z1306.winmx.com
c3311.z1303.winmx.com c3311.z1304.winmx.com c3312.z1301.winmx.com
c3312.z1302.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
c3315.z1303.winmx.com c3315.z1304.winmx.com c3316.z1301.winmx.com
c3316.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1303.winmx.com c3310.z1304.winmx.com
c3311.z1301.winmx.com c3311.z1302.winmx.com c3313.z1305.winmx.com
c3313.z1306.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com
c3315.z1301.winmx.com c3315.z1302.winmx.com c3317.z1305.winmx.com
c3317.z1306.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com
c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1305.winmx.com
c3319.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3311.z1305.winmx.com c3311.z1306.winmx.com
c3312.z1303.winmx.com c3312.z1304.winmx.com c3313.z1301.winmx.com
c3313.z1302.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
c3316.z1303.winmx.com c3316.z1304.winmx.com c3317.z1301.winmx.com
c3317.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3520.z1301.winmx.com c3520.z1302.winmx.com
c3522.z1305.winmx.com c3522.z1306.winmx.com c3523.z1303.winmx.com
c3523.z1304.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com
c3526.z1305.winmx.com c3526.z1306.winmx.com c3527.z1303.winmx.com
c3527.z1304.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com
c3528.z1305.winmx.com c3528.z1306.winmx.com c3529.z1303.winmx.com
c3529.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3520.z1306.winmx.com
c3521.z1303.winmx.com c3521.z1304.winmx.com c3522.z1301.winmx.com
c3522.z1302.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
c3525.z1303.winmx.com c3525.z1304.winmx.com c3526.z1301.winmx.com
c3526.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1303.winmx.com c3520.z1304.winmx.com
c3521.z1301.winmx.com c3521.z1302.winmx.com c3523.z1305.winmx.com
c3523.z1306.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com
c3525.z1301.winmx.com c3525.z1302.winmx.com c3527.z1305.winmx.com
c3527.z1306.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com
c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1305.winmx.com
c3529.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3521.z1305.winmx.com c3521.z1306.winmx.com
c3522.z1303.winmx.com c3522.z1304.winmx.com c3523.z1301.winmx.com
c3523.z1302.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
c3526.z1303.winmx.com c3526.z1304.winmx.com c3527.z1301.winmx.com
c3527.z1302.winmx.com
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3310.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3312.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3313.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3314.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3316.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3317.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3318.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1303.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: WindowsIE.clsIS - {2E12B523-3D4C-4FAC-9B04-0376A8F5E879} -
C:\WINDOWS\WINDOWSIE.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo
Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler]
C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program
Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe"
/background
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program
Files\Logitech\Profiler\lwtest.exe" /detect /quiet /launch "C:\Program
Files\Logitech\Profiler\lwemon.exe /noui"
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program
Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} -
C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM
FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -
http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona
Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer =
167.142.196.204,167.142.196.203
alf
not able to be home at the time it was installed. So when I went to outlook
it would still dial up. I called my ISP tech support and they walked me
through deleting my dial up connection and all of the settings. They said
everthing was correct but I get an error message 0X800CC90 everytime. They
said something was wrong with my Outlook. It always worked great with my
dialup. I am inclosing a hijack this and startdreck. Please help if you can.
-- Logfile of HijackThis v1.99.1
Scan saved at 2:59:46 AM, on 2/7/2006
Platform: Windows ME (Win9x 4.90.3000)StartDreck (build 2.1.7 public stable)
- 2006-02-07 @ 03:01:51 (GMT -06:00)
Platform: Windows ME (Win 4.90.3000 )
Internet Explorer: 6.0.2800.1106
Logged in as User1 at X4K3X2
»Registry
»Run Keys
»Current User
»Run
*Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
*MsnMsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
*Start WingMan Profiler="C:\Program Files\Logitech\Profiler\lwtest.exe"
/detect /quiet /launch "C:\Program Files\Logitech\Profiler\lwemon.exe /noui"
»RunOnce
»Default User
»Run
*Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
*MsnMsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
*Start WingMan Profiler="C:\Program Files\Logitech\Profiler\lwtest.exe"
/detect /quiet /launch "C:\Program Files\Logitech\Profiler\lwemon.exe /noui"
»RunOnce
»Local Machine
»Run
*AVG7_EMC=C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
*ScanRegistry=C:\WINDOWS\scanregw.exe /autorun
*TaskMonitor=C:\WINDOWS\taskmon.exe
*PCHealth=C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
*SystemTray=SysTray.Exe
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*QuickTime Task="C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
*PE2CKFNT SE=C:\Program Files\Ulead Systems\Ulead Photo Express 2
SE\ChkFont.exe
*LexStart=lexstart.exe
*LoadQM=loadqm.exe
»RunOnce
»RunServices
*RegisterDropHandler=C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
*StillImageMonitor=C:\WINDOWS\SYSTEM\STIMON.EXE
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*KB891711=C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
**StateMgr=C:\WINDOWS\System\Restore\StateMgr.exe
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»Browser Helper Objects (LM)
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=C:\PROGRAM FILES\ADOBE\ACROBAT
6.0\READER\ACTIVEX\ACROIEHELPER.DLL
*WindowsIE.clsIS/{2E12B523-3D4C-4FAC-9B04-0376A8F5E879}
`InprocServer32=C:\WINDOWS\WINDOWSIE.DLL
»Files
»System/Drivers
»Running Processes
+FFEF6FA7=C:\WINDOWS\SYSTEM\KERNEL32.DLL
+FFFF2747=C:\WINDOWS\SYSTEM\MSGSRV32.EXE
+FFFF8753=C:\WINDOWS\SYSTEM\mmtask.tsk
+FFFFBD17=C:\WINDOWS\SYSTEM\MPREXE.EXE
+FFFE7DBB=C:\WINDOWS\SYSTEM\STIMON.EXE
+FFFE60AF=C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
+FFFE4047=C:\WINDOWS\EXPLORER.EXE
+FFFEA757=C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
+FFFD18B3=C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
+FFFDB9F3=C:\WINDOWS\TASKMON.EXE
+FFFC48BB=C:\WINDOWS\SYSTEM\SYSTRAY.EXE
+FFFC3267=C:\WINDOWS\LOADQM.EXE
+FFFCC4D7=C:\WINDOWS\SYSTEM\LEXBCES.EXE
+FFFCC2CF=C:\WINDOWS\SYSTEM\WMIEXE.EXE
+FFFB1DE7=C:\WINDOWS\SYSTEM\RPCSS.EXE
+FFFB83FB=C:\PROGRAM FILES\WEBSHOTS\WEBSHOTS.SCR
+FFFB1B97=C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS
SHARED\WKCALREM.EXE
+FFFD35F3=C:\WINDOWS\SYSTEM\DDHELP.EXE
+FFF98B0F=C:\WINDOWS\SYSTEM\LEXPPS.EXE
+FFF9B2CB=C:\PROGRAM FILES\LOGITECH\PROFILER\LWEMON.EXE
+FFF8447F=C:\WINDOWS\SYSTEM\PSTORES.EXE
+FFFEAC03=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
+FFF63D57=C:\MY DOCUMENTS\STARTDRECK\STARTDRECK.EXE
»Application specific
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\WEBSHOTS\WEBSHOTS.SCR
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\PROGRAM FILES\LOGITECH\PROFILER\LWEMON.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.com/0SEENUS/SAOS13
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.wmtel.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = http://localhost
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src");
(C:\WINDOWS\Application Data\Mozilla\Profiles\default\z6v3hh1z.slt\prefs.js)
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 82.195.155.5 test3201.winmx.com test3203.winmx.com
test3205.winmx.com test3207.winmx.com
O1 - Hosts: 212.227.64.149 test3202.winmx.com test3204.winmx.com
test3206.winmx.com test3208.winmx.com
O1 - Hosts: 67.18.233.36 c3310.z1301.winmx.com c3310.z1302.winmx.com
c3312.z1305.winmx.com c3312.z1306.winmx.com c3313.z1303.winmx.com
c3313.z1304.winmx.com c3314.z1301.winmx.com c3314.z1302.winmx.com
c3316.z1305.winmx.com c3316.z1306.winmx.com c3317.z1303.winmx.com
c3317.z1304.winmx.com c3318.z1301.winmx.com c3318.z1302.winmx.com
c3318.z1305.winmx.com c3318.z1306.winmx.com c3319.z1303.winmx.com
c3319.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3310.z1306.winmx.com
c3311.z1303.winmx.com c3311.z1304.winmx.com c3312.z1301.winmx.com
c3312.z1302.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
c3315.z1303.winmx.com c3315.z1304.winmx.com c3316.z1301.winmx.com
c3316.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3310.z1303.winmx.com c3310.z1304.winmx.com
c3311.z1301.winmx.com c3311.z1302.winmx.com c3313.z1305.winmx.com
c3313.z1306.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com
c3315.z1301.winmx.com c3315.z1302.winmx.com c3317.z1305.winmx.com
c3317.z1306.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com
c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1305.winmx.com
c3319.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3311.z1305.winmx.com c3311.z1306.winmx.com
c3312.z1303.winmx.com c3312.z1304.winmx.com c3313.z1301.winmx.com
c3313.z1302.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
c3316.z1303.winmx.com c3316.z1304.winmx.com c3317.z1301.winmx.com
c3317.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3520.z1301.winmx.com c3520.z1302.winmx.com
c3522.z1305.winmx.com c3522.z1306.winmx.com c3523.z1303.winmx.com
c3523.z1304.winmx.com c3524.z1301.winmx.com c3524.z1302.winmx.com
c3526.z1305.winmx.com c3526.z1306.winmx.com c3527.z1303.winmx.com
c3527.z1304.winmx.com c3528.z1301.winmx.com c3528.z1302.winmx.com
c3528.z1305.winmx.com c3528.z1306.winmx.com c3529.z1303.winmx.com
c3529.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3520.z1306.winmx.com
c3521.z1303.winmx.com c3521.z1304.winmx.com c3522.z1301.winmx.com
c3522.z1302.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
c3525.z1303.winmx.com c3525.z1304.winmx.com c3526.z1301.winmx.com
c3526.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3520.z1303.winmx.com c3520.z1304.winmx.com
c3521.z1301.winmx.com c3521.z1302.winmx.com c3523.z1305.winmx.com
c3523.z1306.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com
c3525.z1301.winmx.com c3525.z1302.winmx.com c3527.z1305.winmx.com
c3527.z1306.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com
c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1305.winmx.com
c3529.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3521.z1305.winmx.com c3521.z1306.winmx.com
c3522.z1303.winmx.com c3522.z1304.winmx.com c3523.z1301.winmx.com
c3523.z1302.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
c3526.z1303.winmx.com c3526.z1304.winmx.com c3527.z1301.winmx.com
c3527.z1302.winmx.com
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3310.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3312.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3313.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3314.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3316.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3317.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3318.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1303.winmx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: WindowsIE.clsIS - {2E12B523-3D4C-4FAC-9B04-0376A8F5E879} -
C:\WINDOWS\WINDOWSIE.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo
Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler]
C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program
Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe"
/background
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program
Files\Logitech\Profiler\lwtest.exe" /detect /quiet /launch "C:\Program
Files\Logitech\Profiler\lwemon.exe /noui"
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program
Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} -
C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM
FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -
http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona
Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer =
167.142.196.204,167.142.196.203
alf