PDA

View Full Version : GRRRRR!! (Major Computer Problem)



TC81190
05-02-2006, 06:31 PM
Hola senors. I am very frustrated with mah computer. And uh, you guys are quite intelligible. So I figured I'dthrough this out here for you. Here are my problems...

* Posts not being reloaded here on the 'zone. When clicking 'last page' in large threads such as game threads, doesn't take me to last page, takes me to a page later in the thread but not the last one.

* When clicking links in Google, doesn't take me to page, but rather a page with ads KINDA relating to what I searched.

* Computer crashes when plugging in iPod. Just the iPod. No other USB devices. Also, everytime I log on, I have the option in the tray to safely remove mass USB storage device. Usually, there isn't one plugged in.

When I turn my computer back on after my iPod crashes, get a 'System has recovered from serious error.' report. I always send it in to Microsoft, and when I do I get a eport saying I have a virus/trojan. However, I ran a full-system scan with Norton twice, and nothing showed, except for something called Spyware.Apropos.C, which I hit remove on each time, only for it to be found again not minutes later. I almost want to restore my system, but that's like a last resort. What can I do?

Heath
05-02-2006, 06:38 PM
Throw it against a wall.

Works everytime for me. And I get a new computer!

:D

IslandRed
05-02-2006, 07:11 PM
Removal instructions for Spyware.Apropos.C are here:

http://www.symantec.com/avcenter/venc/data/spyware.apropos.c.html

You didn't say what Norton you were running, but just be aware that spyware is not exactly the same as a virus, although they're often similar. So an antivirus-only product may not be an effective spyware remover.

TC81190
05-02-2006, 07:13 PM
Removal instructions for Spyware.Apropos.C are here:

http://www.symantec.com/avcenter/venc/data/spyware.apropos.c.html

You didn't say what Norton you were running, but just be aware that spyware is not exactly the same as a virus, although they're often similar. So an antivirus-only product may not be an effective spyware remover.

Norton 2006. Yeah..I tried that. Edited the registry, safe mode etc., to no luck.

I also tried Ad Aware SE, Spybo, and XoftSpy. Still nothin'.

IslandRed
05-02-2006, 07:21 PM
Here's a copy of a post from a security forum, maybe it'll help:
------------------

a spyware expert, Swandog46, has developed a removal tool for it

use it like this:

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download AproposFix from here:
http://swandog46.geekstogo.com/aproposfix.exe

Save it to your desktop but do NOT run it yet.

Then please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

When the tool is finished, please reboot back into normal mode

paintmered
05-02-2006, 11:54 PM
Use firefox as your brower if you aren't already using it now. It is a far more secure browser than IE. I switched over a year ago and since haven't had to worry about spyware or viruses.

macro
05-03-2006, 12:22 AM
Use firefox as your brower if you aren't already using it now. It is a far more secure browser than IE. I switched over a year ago and since haven't had to worry about spyware or viruses.

Same here. I've run Ad-Aware about once a month since switching to FireFox and have yet to find a spyware file since.

Dom Heffner
05-03-2006, 12:27 AM
When clicking links in Google, doesn't take me to page, but rather a page with ads KINDA relating to what I searched

Mine has been doing the same thing. I've searched for help but no one has any. I have 5 different spyware programs and they find nothing.

It's funny because if you hit the back button and keep clicking on the link, you'll eventually get the site as listed on the Google search results page.

I'd rather have an answer other than using a different browser to fix this.

paintmered
05-03-2006, 12:31 AM
Mine has been doing the same thing. I've searched for help but no one has any. I have 5 different spyware programs and they find nothing.

It's funny because if you hit the back button and keep clicking on the link, you'll eventually get the site as listed on the Google search results page.

I'd rather have an answer other than using a different browser to fix this.

I know switching browsers sounds like an extreme solution, but trust me on this one. Mozilla Firefox is superior in every way to IE - especially when it comes to security. You'll wonder why you put up with IE for as long as you have.

TRF
05-03-2006, 10:50 AM
Firefox now has an extension that allows it to mimic IE if it is that important to you, but make the switch, it's worth it.

LoganBuck
05-03-2006, 01:23 PM
I have had my computer for three years. It is now giving me a windows32 error that also lists a "fatal hardware error". Debating whether to throw it out the window, or to have it fixed. Problem is I am having issues backing up my data and pictures, because the computer keeps restarting after running for several minutes. Any suggestions? Also if I do get a new computer what are your thoughts on what manufacturer to go to? I am not a power user, but I must have email, word processing, internet browsing, enough power to edit digital pictures, and some basic video, and to support excel, and outlook.

TC81190
05-03-2006, 05:17 PM
Mine has been doing the same thing. I've searched for help but no one has any. I have 5 different spyware programs and they find nothing.

It's funny because if you hit the back button and keep clicking on the link, you'll eventually get the site as listed on the Google search results page.

I'd rather have an answer other than using a different browser to fix this.


Definitely. I totally agree with this. I've never, ever had an issue with IE until now. I THINK I've fixed my Google problem, haven't tried my iPod. But I am still getting the not reloading issues with the 'zone here.

TC81190
05-03-2006, 07:08 PM
Crap. I ran SpySweeper (which I'm not subscribed to) and it found a trojan. I'm not subscribed so I can't remove it. :eek: :rant2:

Cedric
05-04-2006, 02:00 AM
hijack this- Google it and follow instructions to the log.

find the log and post it here.

TRF
05-04-2006, 10:24 AM
I have had my computer for three years. It is now giving me a windows32 error that also lists a "fatal hardware error". Debating whether to throw it out the window, or to have it fixed. Problem is I am having issues backing up my data and pictures, because the computer keeps restarting after running for several minutes. Any suggestions? Also if I do get a new computer what are your thoughts on what manufacturer to go to? I am not a power user, but I must have email, word processing, internet browsing, enough power to edit digital pictures, and some basic video, and to support excel, and outlook.

www.tigerdirect.com

Since I am relatively poor, (two teenagers) I got a new Athlon Sempron 2.0 ghz machine (motherboard and chip) for about $160.

TC81190
05-04-2006, 07:39 PM
hijack this- Google it and follow instructions to the log.

find the log and post it here.


Logfile of HijackThis v1.99.1
Scan saved at 6:38:58 PM, on 5/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Common Files\AOL\1138230661\ee\AOLSoftware.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\eMachines Bay Reader\shwiconem.exe
C:\Program Files\Windows Media Connect 2\WMCCFG.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\common files\aol\1138230661\ee\aim6.exe
C:\WINDOWS\system32\XPAgent.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoomtown.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoomtown.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (file missing)
R3 - URLSearchHook: (no name) - {6A8395E6-1D2D-292A-D854-1FC68F76ECBC} - Serviceprocess.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_03\bin\ssv.dll (file missing)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll (file missing)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [exe.wyhmd] C:\WINDOWS\system32\dmhyw.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1138230661\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\eMachines Bay Reader\shwiconem.exe
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [exe.dtemd] C:\WINDOWS\system32\dmetd.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [exe.mftmd] C:\WINDOWS\system32\dmtfm.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [XPAgent] C:\WINDOWS\system32\XPAgent.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140736402875
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37600.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E99FF2E-38AC-4E07-A7D6-BF52AB39BD9E}: NameServer = 85.255.115.91,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{42BAD55C-C6B0-4733-8C3A-2973F792CD91}: NameServer = 85.255.115.91,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{52B25E1C-C13E-4987-9532-1594EDA719BE}: NameServer = 85.255.115.91,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8E6DCFD-EFA5-4C6C-91C7-2F6880EBB665}: NameServer = 85.255.115.91,85.255.112.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E99FF2E-38AC-4E07-A7D6-BF52AB39BD9E}: NameServer = 85.255.115.91,85.255.112.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E99FF2E-38AC-4E07-A7D6-BF52AB39BD9E}: NameServer = 85.255.115.91,85.255.112.6
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

Cedric
05-05-2006, 02:42 AM
I'll send a pm.