Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Windows XP > I can't believe I found (sn)...

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

I can't believe I found (sn)...

Reply to Message Icon

Name: NevetsAvenged
Date: December 5, 2003 at 14:53:42 Pacific
OS: Windows XP
CPU/Ram: Unknown
Comment:

On my AIM profile, I was stupid and clicked on a link that said "I can't believe I found (sn) Picture Here HAHAHA" Where it inserts the user's sn in the (sn) spot. It is porno, and I can't get it off my Aim profile, it has taken over. Can anyone help? Thank you very much.



Sponsored Link
Ads by Google

Response Number 1
Name: salgolf
Date: December 5, 2003 at 15:18:22 Pacific
Reply:

Hard to believe they would perpetrate that.

You may have a virus or trojan or worm or adware or some other sort of malware.

Run an AV scan, and download AdAware and Spybot, install them, update them, and run. Delete anything that looks suspicious. Some advise deleting everything because it's all reversible. Also get Spyblaster which keeps a list of bad stuff on your computer and blocks them from being installed (theoretically). Be sure your independent (not MS’s) firewall is enabled.

Spybot

AdAware


0

Response Number 2
Name: Sabertooth
Date: December 5, 2003 at 15:33:57 Pacific
Reply:

I recommend running the programs from the post above in safemode after you download 'em.


0

Response Number 3
Name: FZWG
Date: December 5, 2003 at 19:17:03 Pacific
Reply:

AIM is hijacked! This has happened before.
Recommend you download HijackThis!

Follow the instructions on HijackThis! Quick Start Help website, located here:

http://mjc1.com/mirror/hjt/

Post the HijackThis! log to identify the hijacker.



0

Response Number 4
Name: FZWG
Date: December 5, 2003 at 20:38:24 Pacific
Reply:

Run CWShredder:

http://www.spychecker.com/program/cwshredder.html

Do this before using HijackThis!


0

Response Number 5
Name: kevinkal808
Date: December 14, 2003 at 01:23:52 Pacific
Reply:

I need to identify the hijacker. I ran hijackthis and saved the log, but don't know what to do. Here's the log:

Logfile of HijackThis v1.97.7
Scan saved at 1:17:05 AM, on 12/14/2003
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\sfmsvc.exe
C:\WINNT\Explorer.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\winnt\system32\drivers\etc\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\av.exe
C:\PROGRA~1\NETSCAPE\NETSCP.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\WINNT\winsys32\adobea.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe
C:\WINNT\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe

R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://sfgate.com/"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\qwl5k3gb.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\qwl5k3gb.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\downloaded program files\googletoolbar_en_2.0.95-deleon.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\winnt\downloaded program files\googletoolbar_en_2.0.95-deleon.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [rundll32] c:\winnt\system32\drivers\etc\rundll32.exe
O4 - HKLM\..\Run: [AdobeA] C:\WINNT\winsys32\adobes.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\Netscape\Communicator\Program\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [Antivirus] C:\WINNT\av.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\PROGRA~1\NETSCAPE\NETSCP.exe" -turbo
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\winnt\downloaded program files\GoogleToolbar_en_2.0.95-deleon.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\winnt\downloaded program files\GoogleToolbar_en_2.0.95-deleon.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\winnt\downloaded program files\GoogleToolbar_en_2.0.95-deleon.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\winnt\downloaded program files\GoogleToolbar_en_2.0.95-deleon.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page - res://c:\winnt\downloaded program files\GoogleToolbar_en_2.0.95-deleon.dll/cmtrans.html
O9 - Extra button: ATI TV (HKLM)
O9 - Extra button: Net2Phone (HKLM)
O9 - Extra 'Tools' menuitem: Net2Phone (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/deleon/1.1.46-deleon/GoogleNav.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - http://encarta.msn.com/encnet/external/MSSurVid.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37507.8544675926
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab



0

Related Posts

See More



Sponsored Link
Ads by Google
Reply to Message Icon



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Windows XP Forum Home


Sponsored links
Ads by Google


Results for: I can't believe I found (sn)...
OS Drive named I:/ can't auto run printer sw www.computing.net/answers/windows-xp/os-drive-named-i-cant-auto-run-printer-sw/176073.html

I can't log into my hotmail address www.computing.net/answers/windows-xp/i-cant-log-into-my-hotmail-address/176095.html

I can't open picture messege in MS outlook www.computing.net/answers/windows-xp/i-cant-open-picture-messege-in-ms-outlook/177565.html