Messenger spam - HJT log

Started by Vege, Sep 22 2006 01:49 PM

You cannot reply to this topic

1 reply to this topic

#1 OFFLINE Vege

Newbie

Members
1 posts

Posted 22 September 2006 - 01:49 PM

Hi all! I have this problem with Windows Live Messenger, that it sends spam messages to my contact list's members. This virus slowing my computer too! I need help! :unsure:

There is my log:

Logfile of HijackThis v1.99.1
Scan saved at 16:37:36, on 22.9.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\F-SECU~1\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\MSN Messenger\msgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\drsmartload.exe
c:\kybrdff_e11.exe
c:\drsmartload.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Common Files\{085894ED-0449-1035-1109-010311180166}\Update.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ari Koivuselkä\Työpöytä\HijackThis.exe

O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\cdmctl32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: F-Secure 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe
O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe

Need help! Hurry plz! :unsure:

Back to top

#2 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 22 September 2006 - 02:11 PM

Download Ewido Anti-Spyware

Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")
Click on the Scanner tab at the top and then click on Complete System Scan
Ewido will list any infections found on the left, when the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will then display "All actions have been applied" on the right.
Click on "Save Report", then "Save Report As". This will create a text file which you can then save to the Desktop and post back

Post the ewido log and a new hijack this log.

Back to top

Back to Spyware Hell