MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: cant access microsoft.com & others
April 07, 2020, 03:23:45 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
April 07, 2020, 03:23:45 AM

Login with username, password and session length
 Featured Sites:
News
Welcome to MyTechSupport.ca! - Registration is FREE, so why not join our friendly community today?
  0 Members and 1 Guest are viewing this topic.
Pages: [1] 2  All Go Down Print
Author Topic: cant access microsoft.com & others  (Read 4990 times)
dugee2230
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 20


Bookmark and Share

View Profile
« on: May 02, 2004, 10:22:48 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:windows ME
Problem Application Name & Version:
Problem Hardware Make & Model:
Error Messages:dns


Sorry Im new to this and dont Know what else to add, ran this hijack this log today. Im unable to access microsoft and i think adaware and spybot s&d arent updating. Ran the latest version of cwshredder and it finds nothing. Also PCI serial controller resources dont match any known configurations.Any help you can give would be greatly appreciated.  Thank You.    Dugee2230


Download Attachment: hijackthis.txt 5.43
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #1 on: May 02, 2004, 11:00:33 PM »

dugee's log

Logfile of HijackThis v1.97.7
Scan saved at 1:44:37 PM, on 4/11/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TV VIEWER\TVWAKEUP.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\TV VIEWER\ANNCLIST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\VERIZON ONLINE\SUPPORTCENTER\SMARTBRIDGE\MOTIVESB.EXE
C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPCLIENT.EXE
C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPMON32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\REG33.EXE
C:\WINDOWS\DL.EXE
C:\WINDOWS\DLM.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\OLEHELP.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\WINDOWS\TEMP\TD_0005.DIR\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.yellow-pages.ws/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://yellow-pages.ws/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\secure.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\secure.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.yellow-pages.ws/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://yellow-pages.ws/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure.html
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPMon32.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CompaqSysTray] cpqpscp.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
O4 - HKLM\..\Run: [SystemBoot] mshta file:///C:/Windows/wins2.hta
O4 - HKLM\..\Run: [Reg32] C:\WINDOWS\reg33.exe
O4 - HKLM\..\Run: [Dial32] C:\WINDOWS\dl.exe
O4 - HKLM\..\Run: [Dial33] C:\WINDOWS\dlm.exe
O4 - HKLM\..\Run: [system32.dll] C:\WINDOWS\system\systeminit.exe
O4 - HKLM\..\RunServices: [TVWakeup] C:\Progra~1\TVView~1\tvwakeup.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [VidSvr]  
O4 - HKLM\..\RunServices: [Announcements] C:\Program Files\TV Viewer\annclist.exe
O4 - HKLM\..\RunServices: [MSNIA] C:\PROGRA~1\MSN\MSNIA\MSNIASVC.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Disk Master] C:\windows\diskserv.exe
O4 - HKCU\..\Run: [olehelp] C:\WINDOWS\olehelp.exe
O4 - Startup: Microsoft Data Helper.lnk = C:\WINDOWS\cihost.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: Control Pad (HKLM)
O9 - Extra 'Tools' menuitem: Control Pad (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38075.9857986111
O19 - User stylesheet: C:\WINDOWS\sstyle.css (file missing)

Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #2 on: May 02, 2004, 11:48:22 PM »

Are you sure you ran the latest version of CWShredder?
It doesn't look like it.. newest version is 1.57
Either update your version or redownload it from this link
http://www.spywareinfo.com/~merijn/files/CWShredder.exe

If you have updated did you have only CWShredder open While you let
It FIX all problems and then RESTART your computer?
First you must set your computer to show hidden files
Open My Computer.
    * Select the Tools menu and click Folder Options.
    * Select the View Tab.
    * Under the Hidden files and folders heading select Show hidden files and folders.
    * Uncheck the Hide protected operating system files (recommended) option.
    * Click Yes to confirm.
    * Click OK.
    * Click Start, Programs and Accessories and open Windows Explorer.
    * Select a hard drive from the left hand side of the Windows Explorer window.
    * Select View the Entire contents of this drive.

Next: Please move Hijackthis to a Permanent folder where backups can be stored....
Eg---Open MyDocuments---right click an empty spot and select NEW---folder---Name that new folder HJT
If you need to redownload,here's a link
http://www.spywareinfo.com/~merijn/files/HijackThis.exe

If you did all the above let's try to manually fix you up with Hijackthis...Do another scan with Hijackthis
With Hijackthis open and ALL other windows closed (including this one)
put a check next to these entries and Then FIX CHECKED

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.yellow-pages.ws/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://yellow-pages.ws/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\secure.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\secure.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.yellow-pages.ws/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://yellow-pages.ws/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure.html

O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
O4 - HKLM\..\Run: [SystemBoot] mshta file:///C:/Windows/wins2.hta
O4 - HKLM\..\Run: [Reg32] C:\WINDOWS\reg33.exe
O4 - HKLM\..\Run: [Dial32] C:\WINDOWS\dl.exe
O4 - HKLM\..\Run: [Dial33] C:\WINDOWS\dlm.exe
O4 - HKLM\..\Run: [system32.dll] C:\WINDOWS\system\systeminit.ex
O4 - HKLM\..\RunServices: [VidSvr]

O4 - HKCU\..\Run: [Disk Master] C:\windows\diskserv.exe
O4 - HKCU\..\Run: [olehelp] C:\WINDOWS\olehelp.exe
O4 - Startup: Microsoft Data Helper.lnk = C:\WINDOWS\cihost.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O19 - User stylesheet: C:\WINDOWS\sstyle.css (file missing)

P.S. You can close down this browser window when you have finished checking those entries, but before you FIX CHECKED

An updated CWShredder should properly remove most of those entries

Next restart your computer in Safe Mode

Find and delete these files of folders

C:\WINDOWS\REG33.EXE <----this file
C:\WINDOWS\DL.EXE <----this file
C:\WINDOWS\DLM.EXE <----this file
C:\WINDOWS\OLEHELP.EXE <----this file
C:\WINDOWS\system\systeminit.exe <---this file
C:\windows\diskserv.exe <----this file
C:\WINDOWS\cihost.exe  <----this file
C:\WINDOWS\SYSUPD.EXE <---this file

While still in Safe Mode run CWShredder one more time and let it FIX
all problems

Boot back in Normal Mode and post back with a Fresh Hijackthis log




« Last Edit: May 02, 2004, 11:53:53 PM by benditup » Logged

 
dugee2230
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 20


Bookmark and Share

View Profile
« Reply #3 on: May 03, 2004, 12:52:55 AM »

I apologize I inadvertantly sent you an old hijack this log not sure how here is the correct one

Download Attachment: hijackthis.txt 4.53
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #4 on: May 03, 2004, 01:06:38 AM »

That's okay dugee, I should of checked, I should know better, me bad

Logfile of HijackThis v1.97.7
Scan saved at 8:39:12 PM, on 5/2/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TV VIEWER\TVWAKEUP.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\TV VIEWER\ANNCLIST.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\VERIZON ONLINE\SUPPORTCENTER\SMARTBRIDGE\MOTIVESB.EXE
C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPCLIENT.EXE
C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPMON32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\MSHTA.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
C:\PROGRAM FILES\CREATIVE\AUDIO\PROGRAM\CTMIX32.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPMon32.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CompaqSysTray] cpqpscp.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [CreativeMixer] C:\Program Files\Creative\Audio\PROGRAM\CTMIX32.EXE /t
O4 - HKLM\..\RunServices: [TVWakeup] C:\Progra~1\TVView~1\tvwakeup.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [VidSvr]  
O4 - HKLM\..\RunServices: [Announcements] C:\Program Files\TV Viewer\annclist.exe
O4 - HKLM\..\RunServices: [MSNIA] C:\PROGRA~1\MSN\MSNIA\MSNIASVC.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38095.468287037
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #5 on: May 03, 2004, 01:24:10 AM »

I don't see any Anti-virus software running on your computer
Could you please do an online scan at TrendMicros and let it fix all,
if any problems found, thanx
http://housecall.trendmicro.com/

Could you also enter your device manager
Right click on the My Computer icon on desktop---left click properties----Under Device Manager tab do you see any yellow exclamation marks or any red x's
Logged

 
dugee2230
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 20


Bookmark and Share

View Profile
« Reply #6 on: May 03, 2004, 04:01:28 AM »

Thank you that scan found lots of Trojans. unfortunately some could not be removed such as p*rndial bp, startpage O, unst.a, muss.a, tinpik.a,nex.b etc there were 24 files running. In system properties Other Devices Pci Multimedia Audio Devices and Pci serial controller under the resources tab it says resources do not match any known settings for this device. The input output range is set at E8OO to E8FF for the Pci Audio and for the pci Serial controller is set at EFOOOOOO to EFOOFFFF.I will try to remove what trojans I can in safe mode and consult w you again tomorrow  thanks again for you help
Logged

 
sixpac
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 45


Bookmark and Share

View Profile
« Reply #7 on: May 09, 2004, 02:17:39 PM »

You can probably get rid of that stuff doing a scan here

http://onlinecheck.emsisoft.com/en

Post back and let us know how things are
Logged

 
dugee2230
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 20


Bookmark and Share

View Profile
« Reply #8 on: May 26, 2004, 03:06:45 PM »

Here are the results of that scan unfortunately the aforementioned trojans were not removed. I am still unable to access microsoft and other sites and when i scan at trend micro the same trojans are still present. Thanks again for whatever help you can lend.    Unfortunately the file type and size are not supported, the port check came up all ports closed and no harmful activex controls were found.Huh?
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #9 on: May 27, 2004, 12:51:10 AM »

Here's a suggestion Dugee, You may want to download an anti-virus
Here's a free one if you don't have one yet
http://www.grisoft.com/us/us_dwnl_free.php

Click the download free edition at the bottom of the page
Supply them with a legitimate ISP email account

Install it-----UPDATE it-----Next you will want to Disable system restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

RESTART your computer, Do a Scan with AVG---Enable System Restore

Post back how your doing and an updated hijackthis log please
Logged

 
dugee2230
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 20


Bookmark and Share

View Profile
« Reply #10 on: May 31, 2004, 11:56:49 PM »

only one trojan remains js*xception.gen, which is in temporary internet files....
Logged

 
dugee2230
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 20


Bookmark and Share

View Profile
« Reply #11 on: June 19, 2004, 02:59:32 PM »

hi again, sorry js exception gen was deleted the trojan that remains is betterinternet vx2. its  in windows media player but will not stay deleted it replicates itself in less than 5 seconds. Scanning at Trend Micro doesnt find it but adaware does it  says it will delete it at startup, but at startup it doesnt find it.Thanks again for sharing your knowledge!!
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #12 on: June 19, 2004, 07:54:19 PM »

Hi dugee, it's been over a couple weeks
Can you do me a favor and download and run this utility
Make a log and post it here
http://www.downloads.subratam.org/VX2Finder9x.exe

Would you also post a Fresh hijackthis log, thanx
Logged

 
dugee2230
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 20


Bookmark and Share

View Profile
« Reply #13 on: June 20, 2004, 09:43:21 PM »

Here are those results and thanks again for your help!           Cool

Download Attachment: vx2.txt 507 Bytes
Right click and select Save Target As... then rename the file as shown here and save.

Download Attachment: log.txt 431 Bytes
Right click and select Save Target As... then rename the file as shown here and save.
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #14 on: June 20, 2004, 10:00:04 PM »

dugee, can you do another scan and just copy and paste the hijackthis
log into your next reply, thanx
I didn't see nothing when I tried to save it...
Logged

 
Pages: [1] 2  All Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page October 28, 2018, 02:25:51 PM