The problem I'm having is that I cannot get these porn zips from downloading onto my comp, they d/l by themselves. It all started when I got a pop up saying my memory was low. Well after doing some digging, I found 24,000 porn zip files in a folder (that I didn't d/l)...Well, I deleted them all along with the folder and now they're popping up in a different folder! This is eating all of memory very slowly and I don't know what to do. I've ran ad-aware, spy-bot and trend-micro and the porn keeps coming! Also, I've tried to check my processes but my task manager won't open...I'm very new to this forum but I read the rules so I attatched my highjackthis file...All help is greatly appreciated! thank you.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
Help!! Cannot stop Porn ZIPS and Task Manager not working...
- Thread starter RJ831
- Start date
- Status
- Not open for further replies.
RealBlackStuff
Posts: 6,450 +3
Go here first, and only Download and Run CWSHREDDER:
Read: How to remove Begin2Search/Coolwebsearch and Other Nasties
Then Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
/S/ Service needs to be stopped
/U/ UNinstall anything to do with this
/R/ unRegister the xxx.DLL in that line
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines!
...................................................................................................
/P/ C:\Documents and Settings\Ramon.HOME-UIPVNAYLS6\Local Settings\Temporary Internet Files\Content.IE5\0JKL4N67\FxGaobot[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enterthesearch.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - blank (file missing)
/R/ O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\SYSTEM32\iqrx.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - blank (file missing)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - blank (file missing)
/P/ O4 - HKLM\..\Run: [Qhhicb] C:\Program Files\Fxnstrs\Gmul.exe
/P/ O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
/P/U/ O4 - HKLM\..\Run: [MsMovies] C:\Program Files\MsMovies\MsMovies.exe /auto
/P/ O4 - HKLM\..\Run: [virtual-ie] winlogi.exe
/P/U/ O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
/S/ O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe
/P/ O4 - HKLM\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
O4 - HKCU\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
/P/ O4 - Startup: PowerReg Scheduler V3.exe
/R/U/ O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
/R/U/ O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - blank (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
Fix ALL your O16 - DPF: entries
O18 - Filter: text/html - {3551784B-E99A-474f-B782-3EC814442918} - (no file)
...................................................................................................
STOP using that crappy IE (other than for Windows-updates) and install Firefox from www.getfirefox.com
Make sure you delete your IE Temporary Internet files!
Read: How to remove Begin2Search/Coolwebsearch and Other Nasties
Then Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
/S/ Service needs to be stopped
/U/ UNinstall anything to do with this
/R/ unRegister the xxx.DLL in that line
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines!
...................................................................................................
/P/ C:\Documents and Settings\Ramon.HOME-UIPVNAYLS6\Local Settings\Temporary Internet Files\Content.IE5\0JKL4N67\FxGaobot[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enterthesearch.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - blank (file missing)
/R/ O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\SYSTEM32\iqrx.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - blank (file missing)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - blank (file missing)
/P/ O4 - HKLM\..\Run: [Qhhicb] C:\Program Files\Fxnstrs\Gmul.exe
/P/ O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
/P/U/ O4 - HKLM\..\Run: [MsMovies] C:\Program Files\MsMovies\MsMovies.exe /auto
/P/ O4 - HKLM\..\Run: [virtual-ie] winlogi.exe
/P/U/ O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
/S/ O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe
/P/ O4 - HKLM\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
O4 - HKCU\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
/P/ O4 - Startup: PowerReg Scheduler V3.exe
/R/U/ O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
/R/U/ O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - blank (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
Fix ALL your O16 - DPF: entries
O18 - Filter: text/html - {3551784B-E99A-474f-B782-3EC814442918} - (no file)
...................................................................................................
STOP using that crappy IE (other than for Windows-updates) and install Firefox from www.getfirefox.com
Make sure you delete your IE Temporary Internet files!
Ok, so I did everything you told me and everything seems to be ok...I haven't connected to my high speed internet yet (fear of it spreading on campus) but I've connected on a dial up and I haven't received any zips. Also, I'm now able to see my task manager on Normal mode. thank you so much!!! I have included new text files. One is normal mode and the other is in Safe mode. Please let me know if there are any more fixes. thanks again!!!!
PS--When I get home, I will also be installing firefox. :approve:
PS--When I get home, I will also be installing firefox. :approve:
RealBlackStuff
Posts: 6,450 +3
Guess you did NOT follow advice:
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enterthesearch.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - blank (file missing)
O4 - HKLM\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
O4 - HKLM\..\RunOnce: [UninstallQL] C:\WINDOWS\System32\PreUninstallQL.exe -s
O4 - HKCU\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - blank (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enterthesearch.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enterthesearch.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - blank (file missing)
O4 - HKLM\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
O4 - HKLM\..\RunOnce: [UninstallQL] C:\WINDOWS\System32\PreUninstallQL.exe -s
O4 - HKCU\..\RunOnce: [w3caf.exe] C:\WINDOWS\system32\w3caf.exe /k
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - blank (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
RealBlackStuff
Posts: 6,450 +3
Read my post again:
Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines!
Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines!
RealBlackStuff
Posts: 6,450 +3
- Status
- Not open for further replies.
Similar threads
- Replies
- 15
- Views
- 3K
- Replies
- 2
- Views
- 3K
Latest posts
-
Microsoft Xbox Series X/S sales downturn continued last quarter
- Theinsanegamer replied
-
8BitDo updates gamepads with drift-proof hall-effect analog sticks- Daniel Sims replied
-
The Best Handheld Gaming Consoles- amghwk replied
-
Generative AI could soon decimate the call center industry, says CEO- wiyosaya replied
-
TechSpot is dedicated to computer enthusiasts and power users.
Ask a question and give support.
Join the community here, it only takes a minute.