Cannot get rid of Error 129831!

Discussion in 'Malware Help (A Specialist Will Reply)' started by mhsiao45, Jan 17, 2007.

  1. mhsiao45

    mhsiao45 Private E-2

    Every time I try to open a web browser such as Google or Yahoo, I get this message:

    Error 128831:
    Your computer has been infected with Spyware. To remove download this software now:

    This error prevents me from doing any sort of searches, however I can type in specific URL's to get to a certain page only if I know the specific URL.
    I've run Ad-aware and AVG, but still get this problem. Should I continue to download Hijack This, and start posting log files?

    Please Help!
     
    mhsiao45, Jan 17, 2007
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Majorgeeks!

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    TimW, Jan 17, 2007
    #2
  3. mhsiao45

    mhsiao45 Private E-2

    Hi,

    It took me a while, but I have now completed all the steps you mentioned above. I did notice however after I installed the Java program, my computer runs EXTREMELY slow. It seems like the Java program takes up all the memory. Anyhow, here are the first 3 logs.
    Thanks!
     

    Attached Files:

    mhsiao45, Jan 21, 2007
    #3
  4. mhsiao45

    mhsiao45 Private E-2

    Here are the last 3 logs. For some reason, everytime I run the Runkeys program, nothing shows up in the log, therefore I can't attach.
    Hope I can solve this nasty problem.

    Thanks for the help!
     

    Attached Files:

    mhsiao45, Jan 21, 2007
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    See this thread for your ShowNew files problems.

    Run HijackThis and select Do a system scan only. Look for the below lines (you may not always find both of them) and select them but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O1 - Hosts: 1223167118 0-0sex.com
    O1 - Hosts: 1223167118 www.0-0sex.com
    O1 - Hosts: 1223167118 1-800-*****.com
    O1 - Hosts: 1223167118 www.1-800-*****.com
    O1 - Hosts: 1223167118 1000galeriasporno.com.ar
    O1 - Hosts: 1223167118 www.1000galeriasporno.com.ar
    O1 - Hosts: 1223167118 1000hornysluts.com
    O1 - Hosts: 1223167118 www.1000hornysluts.com
    O1 - Hosts: 1223167118 1000pix.com
    O1 - Hosts: 1223167118 www.1000pix.com
    O1 - Hosts: 1223167118 1001movies.com
    O1 - Hosts: 1223167118 www.1001movies.com
    O1 - Hosts: 1223167118 100orgasms.com
    O1 - Hosts: 1223167118 www.100orgasms.com
    O1 - Hosts: 1223167118 100pour100sexe.com
    O1 - Hosts: 1223167118 www.100pour100sexe.com
    O1 - Hosts: 1223167118 101cumlovers.com
    O1 - Hosts: 1223167118 www.101cumlovers.com
    O1 - Hosts: 1223167118 101pornstars.com
    O1 - Hosts: 1223167118 www.101pornstars.com
    O1 - Hosts: 1223167118 101stars.com
    O1 - Hosts: 1223167118 www.101stars.com
    O1 - Hosts: 1223167118 101teen.com
    O1 - Hosts: 1223167118 www.101teen.com
    O1 - Hosts: 1223167118 11shemales.com
    O1 - Hosts: 1223167118 www.11shemales.com
    O1 - Hosts: 1223167118 121av.com
    O1 - Hosts: 1223167118 www.121av.com
    O1 - Hosts: 1223167118 18enne.com
    O1 - Hosts: 1223167118 www.18enne.com
    O1 - Hosts: 1223167118 18hentai.com
    O1 - Hosts: 1223167118 www.18hentai.com
    O1 - Hosts: 1223167118 18hut.com
    O1 - Hosts: 1223167118 www.18hut.com
    O1 - Hosts: 1223167118 18moviethumbs.com
    O1 - Hosts: 1223167118 www.18moviethumbs.com
    O1 - Hosts: 1223167118 18plusgalleries.com
    O1 - Hosts: 1223167118 www.18plusgalleries.com
    O1 - Hosts: 1223167118 18post.com
    O1 - Hosts: 1223167118 www.18post.com
    O1 - Hosts: 1223167118 18sexbox.com
    O1 - Hosts: 1223167118 www.18sexbox.com
    O1 - Hosts: 1223167118 18tease.com
    O1 - Hosts: 1223167118 www.18tease.com
    O1 - Hosts: 1223167118 18to19.com
    O1 - Hosts: 1223167118 www.18to19.com
    O1 - Hosts: 1223167118 18turnwhores.com
    O1 - Hosts: 1223167118 www.18turnwhores.com
    O1 - Hosts: 1223167118 18yearoldpussy.com
    O1 - Hosts: 1223167118 www.18yearoldpussy.com
    O1 - Hosts: 1223167118 18young.com
    O1 - Hosts: 1223167118 www.18young.com
    O1 - Hosts: 1223167118 1bigthumbup.com
    O1 - Hosts: 1223167118 www.1bigthumbup.com
    O1 - Hosts: 1223167118 1free-porn-finder.com
    O1 - Hosts: 1223167118 www.1free-porn-finder.com
    O1 - Hosts: 1223167118 1freepicsgallery.com
    O1 - Hosts: 1223167118 www.1freepicsgallery.com
    O1 - Hosts: 1223167118 1hardcoreporn.com
    O1 - Hosts: 1223167118 www.1hardcoreporn.com
    O1 - Hosts: 1223167118 1on3sex.com
    O1 - Hosts: 1223167118 www.1on3sex.com
    O1 - Hosts: 1223167118 1sexlinks.com
    O1 - Hosts: 1223167118 www.1sexlinks.com
    O1 - Hosts: 1223167118 1stchoicepornlinks.com
    O1 - Hosts: 1223167118 www.1stchoicepornlinks.com
    O1 - Hosts: 1223167118 1stmovieclub.net
    O1 - Hosts: 1223167118 www.1stmovieclub.net
    O1 - Hosts: 1223167118 2000nakedgirls.com
    O1 - Hosts: 1223167118 www.2000nakedgirls.com
    O1 - Hosts: 1223167118 24-7balckbooty.com
    O1 - Hosts: 1223167118 www.24-7balckbooty.com
    O1 - Hosts: 1223167118 247freeassmovies.com
    O1 - Hosts: 1223167118 www.247freeassmovies.com
    O1 - Hosts: 1223167118 2hotpictures.com
    O1 - Hosts: 1223167118 www.2hotpictures.com
    O1 - Hosts: 1223167118 2hotvideos.com
    O1 - Hosts: 1223167118 www.2hotvideos.com
    O1 - Hosts: 1223167118 2jizz.com
    O1 - Hosts: 1223167118 www.2jizz.com
    O1 - Hosts: 1223167118 2naughty.net
    O1 - Hosts: 1223167118 www.2naughty.net
    O1 - Hosts: 1223167118 2so2.com
    O1 - Hosts: 1223167118 www.2so2.com
    O1 - Hosts: 1223167118 2teens.net
    O1 - Hosts: 1223167118 www.2teens.net
    O1 - Hosts: 1223167118 30galleries.com
    O1 - Hosts: 1223167118 www.30galleries.com
    O1 - Hosts: 1223167118 310exotics.com
    O1 - Hosts: 1223167118 www.310exotics.com
    O1 - Hosts: 1223167118 345blastave.com
    O1 - Hosts: 1223167118 www.345blastave.com
    O1 - Hosts: 1223167118 3mpeg4u.us
    O1 - Hosts: 1223167118 www.3mpeg4u.us
    O1 - Hosts: 1223167118 3pic.com
    O1 - Hosts: 1223167118 www.3pic.com
    O1 - Hosts: 1223167118 3pixxx.com
    O1 - Hosts: 1223167118 www.3pixxx.com
    O1 - Hosts: 1223167118 3xtrem.com
    O1 - Hosts: 1223167118 www.3xtrem.com
    O1 - Hosts: 1223167118 40galleries.com



    After clicking Fix, exit HJT.

    Please try to attach the ShowNew and a new HJT log.
     
    TimW, Jan 22, 2007
    #5
  6. mhsiao45

    mhsiao45 Private E-2

    Hi,

    Ok, attached are shownew.txt and new Hijackthis file
    Thanks
     

    Attached Files:

    mhsiao45, Jan 22, 2007
    #6
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please reset your startup to normal thru msconfig.

    Now run this:
    Download HOSTER and then follow the below steps.
    • Unzip Hoster to a convenient folder such as C:\Hoster
    • Run Hoster.exe, click Restore Original Hosts and then click OK.
    • Click the X to exit the program
    Let me know how things are running.
     
    TimW, Jan 23, 2007
    #7
  8. mhsiao45

    mhsiao45 Private E-2

    I didn't see the option, 'restore orignal hosts' on the hoster program, but it looks like my computer is running fine now. Thanks a lot!
     
    mhsiao45, Jan 24, 2007
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should have been able to figure it out. Hoster change design a little. It now says Restore Microsoft's Hosts File and you still need to do this just to be sure that it has been cleaned up.
     
    chaslang, Jan 25, 2007
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds