MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: Sorry, it didn't work out!
December 07, 2019, 05:48:28 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
December 07, 2019, 05:48:28 PM

Login with username, password and session length
 Featured Sites:
News
Article Writers We are looking for quality, informational articles to add to our Computer Articles
Please contact us if you are interested in submitting some....
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: Sorry, it didn't work out!  (Read 15613 times)
Tenderheart78
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 11


Bookmark and Share

View Profile
« on: March 04, 2005, 10:08:22 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:
Problem Application Name & Version:
Problem Hardware Make & Model:
Error Messages:



Hello Again,

I am sorry for disturbing you but I still have the same thing that drive me crazy! I did all the things that you adviced me but THE ONLY I WAS afraid of deleting in Windows/System 32  was that folder: dllcache
I know there was written to delete all the highlited but I was afraid of being able to start Windows after that. Please let me know what to do so I can remove the stupid thing except for that it says Access to the object C:\...\LOCALS~1\Temp\se.dll is blocked. Object is a Trojan Trojan.Win32.StartPage.uz. It is recommended to delete this object. So after I confirm deleting it, it dissapers but just for the moment. After that when I ry to clean the registry with System Mechanic or RegSupreme it appears again the same message so this ...thing is loaded somewhere, I already got crazy and don't want to format my HDD just for that...have too many things now...Sad(( so PLEASE Help me if you can I will be thankful.
Here is the new log file after doing what you told me in the previous message. Thanks in advance.
Regards, Tenderheart

Logfile of HijackThis v1.99.1
Scan saved at 23:44:47, on 04.03.2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\PowerS.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\Datecs\Flex2K.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\wuauclt.exe
E:\install\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://clearsurfing.net/srch.php?qq=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: 69.61.38.52 auto.search.msn.com
O1 - Hosts: 69.61.38.52 search.msn.com
O1 - Hosts: 69.61.38.52 ie.search.msn.com
O1 - Hosts: 69.50.136.245 www.madthumbs.com
O1 - Hosts: 69.50.136.245 madthumbs.com www.s*xocean.com s*xocean.com www.cowlist.com cowlist.com www.easygals.com easygals.com www.muyzorras.com muyzorras.com www.xnxx.com xnxx.com
O1 - Hosts: 69.50.136.245 www.pichunter.com pichunter.com www.88by88.com 88by88.com www.rubias19.com rubias19.com hqgal.com www.hqgal.com petiteteenager.com www.petiteteenager.com petardas.com www.petardas.com
O1 - Hosts: 69.50.136.245 puppykibble.com www.puppykibble.com www.sweetiestgp.com sweetiestgp.com www.bunnyteens.com bunnyteens.com www.amateurcurves.com amateurcurves.com thumbzilla.com www.thumbzilla.com
O1 - Hosts: 69.50.136.245 s*xape.com www.s*xape.com picwarehouse.com www.picwarehouse.com sublimedirectory.com www.sublimedirectory.com ****k.com www.****k.com youngerbabes.com www.youngerbabes.com 1storgasm.com www.1storgasm.com slickgalleries.com
O1 - Hosts: 69.50.136.245 www.madteenies.com madteenies.com www.slickgalleries.com 10****.com www.10****.com smashingthumbs.com www.thumbnailseries.com thumbnailseries.com goatlist.com www.goatlist.com teentiger.com www.teentiger.com
O1 - Hosts: 69.50.136.245 www.worlds*x.com worlds*x.com www.al4a.com al4a.com www.89.com 89.com www.thumberland.com thumberland.com www.freeheaven.com freeheaven.com www.spyass.com spyass.com www.ampland.com ampland.com secretarygalleries.com
O1 - Hosts: 69.50.136.245 amandalist.com www.amandalist.com www.absolut-series.com absolut-series.com lloronas.com www.lloronas.com p0rno.org www.p0rno.org www.starslist.com starslist.com gigagalleries.com
O1 - Hosts: 69.50.136.245 dianapost.com www.dianapost.com www.zadina.com zadina.com www.frogs*x.com frogs*x.com teenagesecrets.biz www.teenagesecrets.biz ratemycameltoe.com www.mature-post.com mature-post.com www.call-kelly.com
O1 - Hosts: 69.50.136.245 elreyano.com www.elreyano.com purextc.com www.purextc.com officespy.com www.officespy.com www.secretarygalleries.com www.gigagalleries.com www.croseries.com croseries.com www.top-galleries.com top-galleries.com
O1 - Hosts: 69.50.136.245 *****.org www.*****.org freesmutseries.net www.freesmutseries.net p*rno-pics-free.com www.p*rno-pics-free.com catlist.com www.smashingthumbs.com call-kelly.com www.boneme.com boneme.com www.series-xxx.com series-xxx.com
O1 - Hosts: 69.50.136.245 teeniefiles.com www.teeniefiles.com jpeg4free.com www.jpeg4free.com www.catlist.com www.ratemycameltoe.com sleazydream.com www.sleazydream.com www.justacthard.com justacthard.com
O1 - Hosts: 69.50.136.245 s*xyfotky.cz www.s*xyfotky.cz hammervideo.com www.hammervideo.com raw*****.com www.raw*****.com teeniesxxx.com www.teeniesxxx.com p*rn-view.com www.p*rn-view.com dailybasis.com www.dailybasis.com
O1 - Hosts: 69.50.136.245 p*rnstarfinder.net www.p*rnstarfinder.net jennysbookmarks.com www.jennysbookmarks.com babes4free.com www.babes4free.com 3pic.com www.3pic.com www.freefoto.cz freefoto.cz
O1 - Hosts: 69.50.136.245 searchgals.com www.searchgals.com picsmonster.com www.picsmonster.com sublimepie.com www.sublimepie.com p*rnhelious.com www.p*rnhelious.com galleries4free.com www.galleries4free.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Name - {2CAEFE3C-3643-4473-8482-A4068495F471} - (no file)
O2 - BHO: (no name) - {2CC4219F-D77F-4D3C-95E7-A235C676BA7E} - C:\WINDOWS\System32\amga.dll
O2 - BHO: CLSID Support Dll - {32978850-02C0-4F0F-A5E6-C22FB04423FC} - C:\WINDOWS\System32\clsidcore.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: Name - {BD8CE95E-871B-4F94-9AE5-BCD6591B0970} - (no file)
O2 - BHO: (no name) - {C221EFF5-CB11-4B12-B6EF-71C0677D9060} - (no file)
O2 - BHO: Name - {D0EDBB75-9DAE-48F4-AE3F-8B6E12354EC8} - (no file)
O2 - BHO: Name - {DB4CD829-B0CC-4CA8-876D-A4D865A47929} - (no file)
O2 - BHO: ZToolbar Activator Class - {FFF5092F-7172-4018-827B-FA5868FB0478} - C:\WINDOWS\Downloaded Program Files\msearch.dll
O3 - Toolbar: Magic Search Toolbar - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - C:\WINDOWS\Downloaded Program Files\msearch.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: FlexType 2K.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {10003000-1000-0000-1000-000000000000} -
O16 - DPF: {11111111-1111-1111-1111-222222222222} - ms-its:mhtml:file://C: oo.mht!http://69.50.136.249/tttlrmadam1000/help.chm::/uninst.exe
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107798383639
O17 - HKLM\System\CCS\Services\Tcpip\..\{19EACA03-AD22-4DCE-BFFA-29C60E26F8C9}: NameServer = 69.50.176.196,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4C81162-8FF5-4559-B531-35D87507E62F}: NameServer = 69.50.176.196,195.225.176.37
O17 - HKLM\System\CS2\Services\Tcpip\..\{19EACA03-AD22-4DCE-BFFA-29C60E26F8C9}: NameServer = 69.50.176.196,195.225.176.37
O17 - HKLM\System\CS3\Services\Tcpip\..\{19EACA03-AD22-4DCE-BFFA-29C60E26F8C9}: NameServer = 69.50.176.196,195.225.176.37
O18 - Filter: text/html - {DA5C698A-C1C6-4445-B476-E9B8424F4B39} - C:\WINDOWS\System32\amga.dll
O18 - Filter: text/plain - {DA5C698A-C1C6-4445-B476-E9B8424F4B39} - C:\WINDOWS\System32\amga.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: kavsvc - Kaspersky Labs - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page February 05, 2019, 06:45:28 PM