TechSpot

hijakthis log file

By slinkyralph
Aug 11, 2005
  1. help msn keeps sending anyone online in my contacts list a message every 5 mins without my consent and half my mates have blocked me till i fix it :mad:
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 8,165

    C:\Documents and Settings\sam\Desktop\hijackthis\HijackThis.exe
    Go here, follow the instructions EXACTLY, especially about putting HijackThis in e.g C:\HJT and NOT on your Desktop or in Temp!.
    How to remove Begin2Search/Coolwebsearch and Other Nasties

    The following items are the baddies; treat them as you go through the instructions.

    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\girigfee\kernel32.exe <<== is a Floodnet virus and attempts to send e-mails to everyone

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.remusomega.com/
    O1 - Hosts: 82.197.66.132 nagios2.c4l.co.uk
    O4 - HKLM\..\Run: [Virgins] C:\Program Files\Video1\Dialers\Virgins\Virgins.exe /dontdial
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [kernel32] C:\WINDOWS\system32\girigfee\kernel32.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O10 - Unknown file in Winsock LSP: c:\windows\system32\bmi_lsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\bmi_lsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\bmi_lsp.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/097cda5b1067e1455f21/netzip/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1096999523390
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{59C44AF2-72C0-42C3-893C-1C6D6C1163B5}: NameServer = 80.253.114.33
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92D91187-D526-4BFD-B15D-C0A0234D8CDB}: NameServer = 80.253.114.33
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A0C5EE4D-87E2-4F57-968B-61052DAE7D69}: NameServer = 80.253.114.33
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B9B13BA6-B8E7-4271-8F23-A30511DD259B}: NameServer = 80.253.114.39,80.253.114.33
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.