i also have the blue flu, usual system warning cannot run normal mode
Please help
This is my hijackthis logfile
Logfile of HijackThis v1.99.1
Scan saved at 03:08:25, on 19/04/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\wp.exe
C:\WINDOWS\sllights.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Richie\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eircom.net/email
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.planetis.com/uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eircom.net/email
O1 - Hosts: 209.123.181.91 ad0.bigmir.net
O1 - Hosts: 209.123.181.91 ad7.bigmir.net
O1 - Hosts: 209.123.181.91 ad4.bigmir.net
O1 - Hosts: 209.123.181.91 ad2.bigmir.net
O1 - Hosts: 209.123.181.91 b468.abn.com.ua
O1 - Hosts: 209.123.181.91 b100.abn.com.ua
O1 - Hosts: 209.123.181.91 b120.abn.com.ua
O1 - Hosts: 209.123.181.91 b160.abn.com.ua
O1 - Hosts: 209.123.181.91 b600.abn.com.ua
O1 - Hosts: 209.123.181.91 banner.kiev.ua
O1 - Hosts: 209.123.181.91 ab.adpro.com.ua
O1 - Hosts: 209.123.181.91 bs.yandex.ru
O1 - Hosts: 209.123.181.91 ad2.rambler.ru
O1 - Hosts: 209.123.181.91 ad.rambler.ru
O1 - Hosts: 209.123.181.91 ad1.rambler.ru
O1 - Hosts: 209.123.181.91 global.msads.net
O1 - Hosts: 209.123.181.91 ad.adriver.ru
O1 - Hosts: 209.123.181.91 ad.gen.tbn.ru
O1 - Hosts: 209.123.181.91 ad.100-gen.tbn.ru
O1 - Hosts: 209.123.181.91 ad.tbn.ru
O1 - Hosts: 209.123.181.91 ad.clickhere.ru
O1 - Hosts: 209.123.181.91 rb2.design.ru
O1 - Hosts: 209.123.181.91 ad.strict.tbn.ru
O1 - Hosts: 209.123.181.91 ad.bannerbank.ru
O1 - Hosts: 209.123.181.91 ad.100.tbn.ru
O1 - Hosts: 209.123.181.91 ad4.lbn.ru
O1 - Hosts: 209.123.181.91 ad.text.tbn.ru
O1 - Hosts: 209.123.181.91 ad2.bannerbank.ru
O1 - Hosts: 209.123.181.91 ad4.bannerbank.ru
O1 - Hosts: 209.123.181.91 r.mail.ru
O1 - Hosts: 209.123.181.91 ad100.prbn.ru
O1 - Hosts: 209.123.181.91 ushki.caricatura.ru
O1 - Hosts: 209.123.181.91 d.clx.ru
O1 - Hosts: 209.123.181.91 link.link.ru
O1 - Hosts: 209.123.181.91 s1.adward.ru
O1 - Hosts: 209.123.181.91 s.clx.ru
O1 - Hosts: 209.123.181.91 adv.aport.ru
O1 - Hosts: 209.123.181.91 softbn.ru
O1 - Hosts: 209.123.181.91 ad6.bannerbank.ru
O1 - Hosts: 209.123.181.91 google.com
O1 - Hosts: 0
O1 - Hosts: 209.123.181.91 ad0.bigmir.net
O1 - Hosts: 209.123.181.91 ad7.bigmir.net
O1 - Hosts: 209.123.181.91 ad4.bigmir.net
O1 - Hosts: 209.123.181.91 ad2.bigmir.net
O1 - Hosts: 209.123.181.91 b468.abn.com.ua
O1 - Hosts: 209.123.181.91 b100.abn.com.ua
O1 - Hosts: 209.123.181.91 b120.abn.com.ua
O1 - Hosts: 209.123.181.91 b160.abn.com.ua
O1 - Hosts: 209.123.181.91 b600.abn.com.ua
O1 - Hosts: 209.123.181.91 banner.kiev.ua
O1 - Hosts: 209.123.181.91 ab.adpro.com.ua
O1 - Hosts: 209.123.181.91 bs.yandex.ru
O1 - Hosts: 209.123.181.91 ad2.rambler.ru
O1 - Hosts: 209.123.181.91 ad.rambler.ru
O1 - Hosts: 209.123.181.91 ad1.rambler.ru
O1 - Hosts: 209.123.181.91 global.msads.net
O1 - Hosts: 209.123.181.91 ad.adriver.ru
O1 - Hosts: 209.123.181.91 ad.gen.tbn.ru
O1 - Hosts: 209.123.181.91 ad.100-gen.tbn.ru
O1 - Hosts: 209.123.181.91 ad.tbn.ru
O1 - Hosts: 209.123.181.91 ad.clickhere.ru
O1 - Hosts: 209.123.181.91 rb2.design.ru
O1 - Hosts: 209.123.181.91 ad.strict.tbn.ru
O1 - Hosts: 209.123.181.91 ad.bannerbank.ru
O1 - Hosts: 209.123.181.91 ad.100.tbn.ru
O1 - Hosts: 209.123.181.91 ad4.lbn.ru
O1 - Hosts: 209.123.181.91 ad.text.tbn.ru
O1 - Hosts: 209.123.181.91 ad2.bannerbank.ru
O1 - Hosts: 209.123.181.91 ad4.bannerbank.ru
O1 - Hosts: 209.123.181.91 r.mail.ru
O1 - Hosts: 209.123.181.91 ad100.prbn.ru
O1 - Hosts: 209.123.181.91 ushki.caricatura.ru
O1 - Hosts: 209.123.181.91 d.clx.ru
O1 - Hosts: 209.123.181.91 link.link.ru
O1 - Hosts: 209.123.181.91 s1.adward.ru
O1 - Hosts: 209.123.181.91 s.clx.ru
O1 - Hosts: 209.123.181.91 adv.aport.ru
O1 - Hosts: 209.123.181.91 softbn.ru
O1 - Hosts: 209.123.181.91 ad6.bannerbank.ru
O1 - Hosts: 209.123.181.91 google.com
O1 - Hosts: 0
O1 - Hosts: ` be@_C}WkPW8Y_Nx_]oD)E mke
O1 - Hosts: 69.50.173.4 lycos.com
O1 - Hosts: 69.50.173.4 www.lycos.com
O1 - Hosts: 69.50.173.4 altavista.com
O1 - Hosts: 69.50.173.4 www.altavista.com
O1 - Hosts: 69.50.173.4 amazon.com
O1 - Hosts: 69.50.173.4 www.amazon.com
O1 - Hosts: 69.50.173.4 aol.com
O1 - Hosts: 69.50.173.4 www.aol.com
O1 - Hosts: 69.50.173.4 earthlink.net
O1 - Hosts: 69.50.173.4 www.earthlink.net
O1 - Hosts: 69.50.173.4 ebay.com
O1 - Hosts: 69.50.173.4 www.ebay.com
O1 - Hosts: 69.50.173.4 go.com
O1 - Hosts: 69.50.173.4 www.go.com
O1 - Hosts: 69.50.173.4 google.com
O1 - Hosts: 69.50.173.4 www.google.com
O1 - Hosts: 69.50.173.4 icq.com
O1 - Hosts: 69.50.173.4 www.icq.com
O1 - Hosts: 69.50.173.4 lycos.com
O1 - Hosts: 69.50.173.4 www.lycos.com
O1 - Hosts: 69.50.173.4 msn.com
O1 - Hosts: 69.50.173.4 www.msn.com
O1 - Hosts: 69.50.173.4 yahoo.com
O1 - Hosts: 69.50.173.4 www.yahoo.com
O1 - Hosts: 69.50.173.4 lycos.com
O1 - Hosts: 69.50.173.4 www.lycos.com
O1 - Hosts: 69.50.173.4 altavista.com
O1 - Hosts: 69.50.173.4 www.altavista.com
O1 - Hosts: 69.50.173.4 amazon.com
O1 - Hosts: 69.50.173.4 www.amazon.com
O1 - Hosts: 69.50.173.4 aol.com
O1 - Hosts: 69.50.173.4 www.aol.com
O1 - Hosts: 69.50.173.4 earthlink.net
O1 - Hosts: 69.50.173.4 www.earthlink.net
O1 - Hosts: 69.50.173.4 ebay.com
O1 - Hosts: 69.50.173.4 www.ebay.com
O1 - Hosts: 69.50.173.4 go.com
O1 - Hosts: 69.50.173.4 www.go.com
O1 - Hosts: 69.50.173.4 google.com
O1 - Hosts: 69.50.173.4 www.google.com
O1 - Hosts: 69.50.173.4 icq.com
O1 - Hosts: 69.50.173.4 www.icq.com
O1 - Hosts: 69.50.173.4 lycos.com
O1 - Hosts: 69.50.173.4 www.lycos.com
O1 - Hosts: 69.50.173.4 msn.com
O1 - Hosts: 69.50.173.4 www.msn.com
O1 - Hosts: 69.50.173.4 yahoo.com
O1 - Hosts: 69.50.173.4 www.yahoo.com
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKLM\..\Run: [Blondes] C:\Program Files\Video1\Dialers\Blondes\Blondes.exe /dontdial
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\Richie\LOCALS~1\Temp\20054191541_mcinfo.exe /insfin
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\Richie\LOCALS~1\Temp\20054191542_mcappins.exe /v=3 /cleanup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [WindowsFY] c:\wp.exe
O4 - Global Startup: Microsoft Office Fast Start.lnk = C:\MSOffice\Office\FASTBOOT.EXE
O4 - Global Startup: Microsoft Office Find Fast Indexer.lnk = C:\MSOffice\Office\FINDFAST.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/uk
O16 - DPF: {11111111-1111-1111-1111-111111111111} - ms-its:mhtml:file://C:\foo.mht!http://195.225.176.2...b.chm::/1/e.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...83/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1113813998591
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E95A158-8A17-449A-9FE3-8F040EA3767C}: NameServer = 159.134.237.6 159.134.248.17
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
any help available