**** msn

Status
Not open for further replies.
I

i_learn

In Runtime
Messages
114
i have trouble with this exe file...called hellmsn.exe its impossible to remove....please help
 
here is the hijack this log..........
Logfile of HijackThis v1.99.1
Scan saved at 11:33:34 PM, on 3/5/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Satyamurthy\Desktop\HijackThis.exe

R3 - URLSearchHook: (no name) - {B9170363-EAAE-B502-D108-BC3EC02073B7} - C:\WINDOWS\System32\bnwpl.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {ECEEEA2C-E00A-3999-9081-7E7C859A5931} - sound64.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRAM FILES\GO!ZILLA\download-with-gozilla.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O16 - DPF: Win32 Classes -
O16 - DPF: {2ABE804B-4D3A-41BF-A172-304627874B45} - http://usa-scripts.downloadv3.com/binaries/DialHTML/EGDHTML.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/in/games1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A34EBFE-58D4-446E-877A-0E2032493ADB}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE2A61A9-82B4-40CB-A85E-AEB0801220FD}: NameServer = 202.63.173.66 202.63.164.18
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\l66o0gj3e6o.dll (file missing)
O20 - Winlogon Notify: winjit32 - C:\WINDOWS\SYSTEM32\winjit32.dll
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
 
i dont see any hellmsn in this log you probably alredy got rid of it somehow , but i do see some other things that you need to remove
restart in safe mode (press F8 til youll see a menu and select "safe mode") run hijackthis scan again and tick these items and click "fix checked" and "yes"
R3 - URLSearchHook: (no name) - {B9170363-EAAE-B502-D108-BC3EC02073B7} - C:\WINDOWS\System32\bnwpl.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {ECEEEA2C-E00A-3999-9081-7E7C859A5931} - sound64.dll (file missing)
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\l66o0gj3e6o.dll (file missing)
O20 - Winlogon Notify: winjit32 - C:\WINDOWS\SYSTEM32\winjit32.dll
O16 - DPF: Win32 Classes -

when done search & delete these files
bnwpl.dll/sound64.dll/ 66o0gj3e6o.dll/winjit32.dll and restart and make a new log copy & paste it

now for an offtopic issue , what are you thinking?? from what i see in this log your not using any antivirus/firewall thats very dangerous , also i suggest youll install service pack 1 or 2
 
Yeah, seriously. I see you got Ad-Aware, but that's not going to get any viruses really. If yer not going to use an AV, don't even bother trying to keep things clean. You could spend your life sorting things out.

I mean, this is like writing in saying you're having trouble with dirt in your carburetor, but you aren't using an air filter. *smacks head*
 
Status
Not open for further replies.

Similar threads

M
Thinking of upgrading from Ryzen 5 1400 to ryzen 7 5700G on same motherboard
Replies
0
Views
329
mikee
M
P
ComboFix Replacement
Replies
5
Views
509
PC_Cone
P
P
Convert virtual hard disk image to OVF/OVA
Replies
0
Views
600
Paul Kinyanjui
P
R
dell 9310 why so hard to upgrade windows?
Replies
5
Views
760
raverx3m
R
A
Microsoft Outlook 2021 Does Not Install Important Add-In Tool Anymore - Please Help
Replies
0
Views
1K
Azam.biz
A
Back
Top Bottom