TechSpot

hijakthis log file

By slinkyralph
Aug 11, 2005
  1. help msn keeps sending anyone online in my contacts list a message every 5 mins without my consent and half my mates have blocked me till i fix it :mad:
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    C:\Documents and Settings\sam\Desktop\hijackthis\HijackThis.exe
    Go here, follow the instructions EXACTLY, especially about putting HijackThis in e.g C:\HJT and NOT on your Desktop or in Temp!.
    How to remove Begin2Search/Coolwebsearch and Other Nasties

    The following items are the baddies; treat them as you go through the instructions.

    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\girigfee\kernel32.exe <<== is a Floodnet virus and attempts to send e-mails to everyone

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.remusomega.com/
    O1 - Hosts: 82.197.66.132 nagios2.c4l.co.uk
    O4 - HKLM\..\Run: [Virgins] C:\Program Files\Video1\Dialers\Virgins\Virgins.exe /dontdial
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [kernel32] C:\WINDOWS\system32\girigfee\kernel32.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O10 - Unknown file in Winsock LSP: c:\windows\system32\bmi_lsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\bmi_lsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\bmi_lsp.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/097cda5b1067e1455f21/netzip/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1096999523390
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{59C44AF2-72C0-42C3-893C-1C6D6C1163B5}: NameServer = 80.253.114.33
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92D91187-D526-4BFD-B15D-C0A0234D8CDB}: NameServer = 80.253.114.33
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A0C5EE4D-87E2-4F57-968B-61052DAE7D69}: NameServer = 80.253.114.33
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B9B13BA6-B8E7-4271-8F23-A30511DD259B}: NameServer = 80.253.114.39,80.253.114.33
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...