TechSpot

Grateful for help with allsexsms.com

By PWR
Nov 9, 2005
  1. I have been experiencing problems with pop-ups etc from allsexsms.com for some time. It is becoming a real difficulty as I have three children who are regular computer users.

    I have tried spybot,ad-ware and housecall.trendmicro etc. with no success. I read one of the techspot threads where 'therealbalckstuff' gave some detailed advice on this subject.

    I have not posted to the site before or prepared a hijackthis.log, so I hope that the attached log is ok.

    Grateful for any help.

    Yours in desperation.

    PWR
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    C:\DOCUME~1\Patrick\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
    Put HijackThis in e.g. C:\Program Files\HJT and NOT in Temp or on the Desktop!.

    First Read: Only use these HJT-instructions when asked!
    /P/ Process needs to be stopped
    /U/ UNinstall anything to do with this
    Transfer the text from between these dotted lines underneath to between the dotted lines of that post.
    Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines indicated here!
    ...................................................................................................
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0
    /P/U/ O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
    /P/U/ O4 - HKLM\..\Run: [SHA256] C:\Program Files\SHA256\secure.exe
    /P/U/ O4 - HKLM\..\Run: [AdsBlocker] C:\Program Files\AdsBlocker\stopAds.exe
    /P//U O4 - HKLM\..\Run: [WIRESS] C:\Program Files\WIRESS\rssfeed.exe
    /P//U O4 - HKLM\..\Run: [Kaps] C:\Program Files\Kaps\kaps_mm.exe
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02983GB_ZBzeb030YYGB
    O9 - Extra button: Descargas - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\eurokazaa3\local.htm (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    Fix ALL your O16 - DPF: entries
    Unless these IP-numbers are from your ISP, fix this O17
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D65E57E8-AD3F-4B80-9709-5FFE1B238891}: NameServer = 194.72.9.34 194.72.0.114
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    ...................................................................................................

    STOP using that crappy IE (other than for Windows-updates) and install Firefox from www.getfirefox.com
     
  3. PWR

    PWR TS Rookie Topic Starter

    Problems with allsexsms.com - cont

    Dear RealBlackStuff,

    Many thanks for your help with 'allsexsms.com' on the 11th November. Sorry for the delay in replying but it is taking me a bit of time to get to grips with this (very interesting though - have learnt alot).

    I downloaded Mozilla Firefox as you suggested and have not had any problems at all.

    However, I thought I carried out your HijackThis instructions correctly but the 'pop-ups' still appear if we use Internet Explorer for MS downloads etc. This means the children still potentially at risk from this site.

    I was wondering if you would mind having a look at a new HijackThis log to see if it is possible to see where I have gone wrong.

    Regards

    PWR
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...