MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Hardware Support arrow Hardware Devices Problems arrow Topic: OH NO! WHAT NOW?!
November 19, 2019, 09:40:23 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
November 19, 2019, 09:40:23 PM

Login with username, password and session length
 Featured Sites:
News
New  New Poll on our main page!
"My experience with Vista..."
  0 Members and 1 Guest are viewing this topic.
Pages: [1] 2  All Go Down Print
Author Topic: OH NO! WHAT NOW?!  (Read 3401 times)
Lil_Miss_Oops
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 33


Bookmark and Share

View Profile
« on: February 24, 2004, 02:34:24 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version: Windows XP
Problem Application Name & Version: everything
Problem Hardware Make & Model:
Error Messages: windows has caused an error and needs to close.
there is an error computer will restart in 20 seconds(with countdown and does restart)



okay, I had everything all fixed, Life was sooo good. thenone day My babysitter came over and we went out. blah blah blah.... I go to use the computer on the next day and I have this page that says i-lookup.com on it and it's now my new homepage which is not what I had set up. aaand I can't reset it anymore cause it just goes back to setting the home page the i-lookup.com
I have like 4 new search bars. I get pop ups constantly explorer keeps getting errors. ???and my pc-cillin says I don't have a virus but spy bot says I have like a million spyware applications, also gets rid of them but they just come right back.
and I sometimes let the computer rum while I cook and them some p*rn page just comes up with nobody even at the computer just pops right up and it's the same one everytime. I have so much wrong with this thing I am going CRAZY Undecided
also when I am finally getting to do what I want I my page just changes on me while I'm reading something. it's some your at risk page or something. how can I fix all this. nothing seems to help.

 Sad SOMEBODY HELP ME PLEASE!!!!!!
Lips Sealed
Logged

I am always Messing up somewhere I hope you can help. :OI
Admin
Administrator
Hero Member
*****

Karma: +4/-0
Offline Offline

Gender: Male
Posts: 4898



Bookmark and Share

View Profile
« Reply #1 on: February 24, 2004, 06:22:45 PM »

Hi,

Can't you use spybot to clean all this?
Logged

Sylvain Amyot
http://www.mytechsupport.ca

If you like to concept of this site and want to help, click here to find out how.
Lil_Miss_Oops
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 33


Bookmark and Share

View Profile
« Reply #2 on: February 24, 2004, 07:49:48 PM »

spybot runs everytime at my startup and it "does" take all this out. however while I am on the computer it starts comming back little by little until it's all back.and my pc cillin doesn't detect anything. whel the pc cillin runs... it comes up clean everytime.
Logged

I am always Messing up somewhere I hope you can help. :OI
Admin
Administrator
Hero Member
*****

Karma: +4/-0
Offline Offline

Gender: Male
Posts: 4898



Bookmark and Share

View Profile
« Reply #3 on: February 24, 2004, 08:43:28 PM »

Hi,

PC-Cillin is an anti-virus utility which doesn't scan for spyware.

When surfing, make sure you do not accept any software installation offers that may pop-up from visiting certain sites.
Logged

Sylvain Amyot
http://www.mytechsupport.ca

If you like to concept of this site and want to help, click here to find out how.
Lil_Miss_Oops
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 33


Bookmark and Share

View Profile
« Reply #4 on: February 25, 2004, 04:30:16 AM »

okay I will make sure to do that. I don't ever accept downloads unless I am the one requestiong to download....
Is there any adviseyou can give me, or do you know how I can get rid of this malware/spyware.... whatever it is?
Logged

I am always Messing up somewhere I hope you can help. :OI
dashhoju
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 8


Bookmark and Share

View Profile
« Reply #5 on: February 25, 2004, 05:28:58 AM »

I had the same problem a little bit ago...the only way I was able to stop it was to install a firewall. The antivirus worked great for getting rid of it, but the only way i found to stop it from entering my machine in the first place was by firewall. I use a free one. It works fine, haven't had a problem since-also...make sure you have All of your updates in!!!
Logged

 
MJL54
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 37


Bookmark and Share

View Profile
« Reply #6 on: February 27, 2004, 07:42:16 PM »

Get AdAware.  It's free and it cleans out all of your spyware.  Spyware are just little applets that attach themselves to your system as you browse on the internet so that the advertisers can track you down and send you more junk.  The first time I ran AdAware I think it found about 300 entries.  After that, I never had any problems (I run it every time I go on to net and it almost always finds something, especially if I've spent a good deal of time there and gone to many different websites) - not to mention that it can **** out your whole system by slowing it down, etc.
MJL54
Logged

 
Lil_Miss_Oops
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 33


Bookmark and Share

View Profile
« Reply #7 on: February 29, 2004, 12:00:33 AM »

someone told me to empty my computer completely. and re-install Windows XP.
I will do that. However.... How do I erase everything from my computer so that it's an empty ol thing. so that theres no program on it at all. how do I do that. can anyone help me?
Logged

I am always Messing up somewhere I hope you can help. :OI
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #8 on: February 29, 2004, 12:10:09 AM »

A clean install may not be a bad idea but probably a little overboard.
First, could you right click on your desktop and create a new folder
Name it HJT
Download Hijackthis:
http://www.majorgeeks.com/download3155.html
Save to disk---Extract it too the newly made folder on the desktop---
Close down all open windows and then run hijackthis.exe
Scan-----Save log--Copy and paste the whole contents of the log here
Logged

 
Lil_Miss_Oops
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 33


Bookmark and Share

View Profile
« Reply #9 on: February 29, 2004, 03:41:01 AM »

I went there and heres the log......


Logfile of HijackThis v1.97.7
Scan saved at 7:43:12 AM, on 2/28/2004
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\VetMsgNT.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\RunDll32.exe
C:\PROGRA~1\MOUSES~1\bally4d.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\Media\Media\UpdateStats.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\NetMeeting\conf.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\Kontiki\bin\kontiki.exe
C:\Documents and Settings\Linda Hernandez\Application Data\alua.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\wnsapicc.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AproposClient\Apropos.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Linda Hernandez\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.migente.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\AproposClient\AproposPlugin.dll
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh309190.dll
O2 - BHO: ohb - {18B79968-1A76-4953-9EBB-B651407F8998} - C:\WINDOWS\System32\windec32.dll
O2 - BHO: (no name) - {2CF0B992-5EEB-4143-99C0-5297EF71F443} - C:\WINDOWS\System32\stlbdist.DLL
O2 - BHO: (no name) - {38ADD9B8-254C-4C4E-B5F5-08F73F7271A2} - C:\WINDOWS\System32\danijm.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O3 - Toolbar: SuperBar - {62FB1E1C-09B5-4F60-95E1-5B6E62A9990E} - C:\Program Files\SuperBar\SuperBar.Dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [HorngTech4D] C:\PROGRA~1\MOUSES~1\bally4d.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [UpdateStats] C:\Program Files\Media\Media\UpdateStats.exe
O4 - HKLM\..\Run: [RVP] "C:\Program Files\RVP\bpc.exe"
O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINDOWS\System32\stlbdist.DLL,DllRunMain
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKCU\..\Run: [IM] C:\Program Files\earthlinkim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [AutoClear] C:\PROGRA~1\ALLCLE~1\AutoCleaner.exe
O4 - HKCU\..\Run: [Microsoft NetMeeting] "C:\Program Files\NetMeeting\conf.exe" -Background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DesktopX] "C:\Program Files\Stardock\Object Desktop\DesktopX\DesktopX.exe"
O4 - HKCU\..\Run: [cnet] "C:\Program Files\Kontiki\bin\kontiki.exe"  -s cnet -q
O4 - HKCU\..\Run: [Tats] C:\Documents and Settings\Linda Hernandez\Application Data\alua.exe
O4 - HKCU\..\Run: [WNST] C:\WINDOWS\System32\wnsapicc.exe
O4 - HKLM\..\RunOnce: [!CleanupNetMeetingDispDriver] "C:\WINDOWS\System32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EZ Firewall.lnk = C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Get It With Kontiki - res://C:\Program Files\Kontiki\bin\bh309190.dll/201
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1077654685389
O16 - DPF: {20000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/download/cabs/FON19119/payload2.cab
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/download/cabs/FON19119/flash.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78D} (DoomCln Object) - http://www.microsoft.com/security/controls/DoomCln.CAB
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_1us.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6695DB82-D1E7-4F42-AC0C-F85AAC4DC199}: NameServer = 209.63.6.4 209.63.7.2




soooooo. can you help me?....?
Logged

I am always Messing up somewhere I hope you can help. :OI
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #10 on: February 29, 2004, 06:54:46 AM »

As I suggested previously, could you please make a folder,
name it HJT and either extract Hijackthis to that folder
or copy and paste Hijackthis from the temp folder to that location.
This is important because hijackthis will make a backup to that folder.

First download CWShredder 1.50---they are making changes everyweek to
this program  http://www.mvps.org/winhelp2002/unwanted.htm
Close down all other open window and double click on CWShredder
Click on Fix---let it fix all problems and then reboot your machine
Next open up just Hijackthis with all other windows closed
Put a check next to each one of these remaining entries

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\AproposClient\AproposPlugin.dll
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh309190.dll
O2 - BHO: ohb - {18B79968-1A76-4953-9EBB-B651407F8998} - C:\WINDOWS\System32\windec32.dll
O2 - BHO: (no name) - {2CF0B992-5EEB-4143-99C0-5297EF71F443} - C:\WINDOWS\System32\stlbdist.DLL
O2 - BHO: (no name) - {38ADD9B8-254C-4C4E-B5F5-08F73F7271A2} - C:\WINDOWS\System32\danijm.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O3 - Toolbar: SuperBar - {62FB1E1C-09B5-4F60-95E1-5B6E62A9990E} - C:\Program Files\SuperBar\SuperBar.Dll (file missing)

O4 - HKLM\..\Run: [RVP] "C:\Program Files\RVP\bpc.exe"
O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINDOWS\System32\stlbdist.DLL,DllRunMain

O16 - DPF: {20000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/download/cabs/FON19119/payload2.cab
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/download/cabs/FON19119/flash.cab

Reboot and delete this folder
C:\Program Files\AproposClient\Apropos.exe

I've probably missed some stuff so be sure to post back another fresh hijackthis log after running cwshredder and hijackthis

Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #11 on: February 29, 2004, 06:56:11 AM »

Also, can you go to Windows update and get the latest critical updates
for security reasons
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #12 on: February 29, 2004, 07:45:58 AM »

Here is an Alternate link for both CWShredder(which by-the-way)
has been updated again and Hijackthis
Both are in exe and zip formats
http://www.spywareinfo.com/~merijn/downloads.html
Logged

 
Lil_Miss_Oops
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 33


Bookmark and Share

View Profile
« Reply #13 on: March 04, 2004, 02:49:29 PM »

it worked for a while, maybe a couple of days. but now...... the same thing. I am just going to start over. how do I erase everything from my computer? I want to make it so that theres nothing at all on my computer... so that even if I try to get something i can't. I don't want it sneaking up on me later. how do I do that? I've already saved all my music and my photos and my favorites to a disc so that I can at least access that if I want to. but everything else I want gone, so I can start new.
Logged

I am always Messing up somewhere I hope you can help. :OI
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #14 on: March 04, 2004, 07:49:04 PM »

It was very very important that you posted back a new log and got the
latest critical updates from windows update....
I'm almost postive we could of got you rid of all this.
But if you feel like you need to start over here's a link
that will walk you thru it..
http://www.winsupersite.com/showcase/windowsxp_sg_clean.asp
Logged

 
Pages: [1] 2  All Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page December 07, 2016, 10:11:05 PM