Jump to content

CRAP, CRAP, Major computer issue HELP!!!!

Guest db99wj

By Guest db99wj
in General Chat

Recommended Posts

Guest db99wj

Guest db99wj

Posted
Posted

Was on all morning, nothing major, no weird sites, noticed that some of the banner adds were male enhancement products, don't really have that problem, I have 4 kids:cool:, anyway. Around lunch things went nuts. We had all sorts of problems with our internet connection, Comcast Cable, was very unstable, would lose connection, then have to unplug and start over.

Well my Windows XP, Dell, laptop is been having all sorts of problems. Internet explorer will open and then immediately shut down, like a blink, then closed. It was starting earlier, but would not do anything. I'm using Firefox as primary, but still something is wrong.

Some times when I have reboot the computer, it goes to my log into network screen, I put in the password, it will either go to all blue screen (same color as my screen) or it will show all the icons, then disappear.

Internet, even on firefox, I get error message when I go to websites. Even this one. This is the message

Error: Host Not Accessible

The web host download.microsoft.com is not accessible.

Possible sources of this error:

  • The host name is invalid
  • There was a DNS error
  • The web site may be unavailable
  • You may not be connected to the internet

Please edit the URL, or search for it using Google.

Google Web Accelerator version 0.2.93.116-pintail.a

Windows XP 5.1

I tried to a system restore, the last one was Wednesday, but when I hit "next" it just sits there, doesn't go any further.

I have run ad aware, hijackthis, smitfraudfix and a scan from the computer anti virus, etc suite, AVG 8.0(this is what my company put on.)

I don't know what else to do.

Link to comment
  • Replies 30
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Guest db99wj

Guest db99wj

Posted
Posted

...and my computer time shows 18:01 which is a few minutes fast, it always is due to something that is on here, it is like that on all the company computers. Military time is is correct, but it has never shown military time until now.

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted

Ran this scan:

alwarebytes' Anti-Malware 1.33

Database version: 1712

Windows 5.1.2600 Service Pack 3

1/31/2009 6:08:45 PM

mbam-log-2009-01-31 (18-08-45).txt

Scan type: Quick Scan

Objects scanned: 66071

Time elapsed: 2 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 1

Registry Keys Infected: 2

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 8

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\RECYCLER\S-6-3-99-100007732-100010406-100021708-9377.com (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.

C:\Documents and Settings\dbaker\My Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\dbaker\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\dbaker\My Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\dbaker\My Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gaopdxfrdnaqbo.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\drivers\gaopdxiltepkhb.sys (Trojan.Agent) -> Quarantined and deleted successfully.

Link to comment
Guest 7987Steve

Guest 7987Steve

Posted
Posted

I would put good money on a hard drive issue. As a precaution, i would advise backing up essential data as quickly as possible. Even if it is as simple as copying all of the My Documents items and other essential files to a jump drive. This secures any data loss and puts you in a good place should the drive fail completely, or the machine stop responding. Once you had a data backup, you can do a scan disk. If that checks out ok, download the appropriate disk utility for the model disk you have and run it. Once you are sure the disk is ok, you can proceed with other steps, and feel free to ask me if you need assistance. Send a PM to me on here and i'll help you out any way i can.

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted

I use Firefox but there are times and certain sites that I have to use IE.

It won't even get onto the net anymore, so f#$ it. I'm going to the range with my BIL to shoot ****.

My BIL is a computer guy, he's going to look at it after we destroy things.

Link to comment
analog_kidd Prolific Contributor

analog_kidd

Posted
Posted

Open up Windows Explorer and go to this folder: C:\WINDOWS\system32\drivers\etc

Look for a file called "Hosts" and open it up in notepad. You should see a bunch of lines with "#" in front (these #'s just comment out the line and make it not do anything) and you should see one line like this:

127.0.0.1 localhost

If you have anything else, it probably has been added by malware. Make a copy of the file and then erase everything below the 127.0.0.1 localhost line.

If there is nothing below this line, then this is not your problem.

another thing to try, open a command prompt and type

IPConfig /all <Enter>

Look for the default gateway line and look for the IP address. Type Ping and the ip address. If you don't get successful pings, your PC can't connect to your router. If this is the case, I'd look at your ethernet connection to your router.

One other thing to look at is if your PC got set up for a proxy server for Internet connections. Open Internet Explorer, click Tools / Internet Options / Connections / LAN Settings, and make sure there is not a check box in the Use Proxy settings.

Good luck

Link to comment
Reservoir Dog Prolific Contributor

Reservoir Dog

Posted
Posted (edited)
Memory Modules Infected:

C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.

You have a trojan horse infection. IAMFAMOUS seems to be a nasty little bug. If AVG or Malwarebytes won't get rid of it, you may have to download a removal tool to get rid of it. You may try downloading it onto a thumb drive, and then transfer it to the infected computer. I would reboot into Safe Mode, and then run the removal tool.

http://www.spywaredoctorhelp.com/iamfamousdll-removal/

Edited by Reservoir Dog
Link to comment
Guest db99wj

Guest db99wj

Posted
Posted

Ok, back from the range. Shot some out of my XD, my BIL's Glock 19 and his Saiga-12! My shoulder is hurting!!!!

He looked at it briefly, uninstlled a google accelerator and my error messages on my browsers are normal error messages, instead of the one I posted above. The one above is not a normal one.

We had no internet service, and he has been up since 3am, so we are going to tackle it tomorrow. He did say go home and ping something like google, I did and I get a "Ping request could not find host google.com. Please check the name and try again."

This is the comand I put in the cmd screen <ping google.com> <enter> I tried putting a www in front, same not found message.

I will mess with it a little more...

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted
Open up Windows Explorer and go to this folder: C:\WINDOWS\system32\drivers\etc

Look for a file called "Hosts" and open it up in notepad. You should see a bunch of lines with "#" in front (these #'s just comment out the line and make it not do anything) and you should see one line like this:

127.0.0.1 localhost

If you have anything else, it probably has been added by malware. Make a copy of the file and then erase everything below the 127.0.0.1 localhost line.

If there is nothing below this line, then this is not your problem.

another thing to try, open a command prompt and type

IPConfig /all <Enter>

Look for the default gateway line and look for the IP address. Type Ping and the ip address. If you don't get successful pings, your PC can't connect to your router. If this is the case, I'd look at your ethernet connection to your router.

One other thing to look at is if your PC got set up for a proxy server for Internet connections. Open Internet Explorer, click Tools / Internet Options / Connections / LAN Settings, and make sure there is not a check box in the Use Proxy settings.

Good luck

Hosts = Nothing below the 127.0.01

Went to ipconfig, got a succesful ping, 4 sent, 4 received 0 lost.

No check in the proxy settings.

I can't get online, so I cant do the rest. I don't have a flash drive here at the house. Got one sitting on my desk at work:rolleyes:

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted

Another update: I am here on my laptop typing this. I unhooked my desktop, and hooked my laptop directly into the modem via the vonage box, and the wireless G Router. So something tells me, the problem is a wireless issue. I dont know what the hell to do about that. But at least I am here typing online.

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted
You have a trojan horse infection. IAMFAMOUS seems to be a nasty little bug. If AVG or Malwarebytes won't get rid of it, you may have to download a removal tool to get rid of it. You may try downloading it onto a thumb drive, and then transfer it to the infected computer. I would reboot into Safe Mode, and then run the removal tool.

http://www.spywaredoctorhelp.com/iamfamousdll-removal/

Ran this thing above, here is the results.

Low -> hijacker.affiliated_with_browser_hijacker

Browser favourite

Low -> Adware.advertising

Browser cookie

Low ->Application.trackingcookies (3 infections)

Browser Cookie

Medium -> Trojan.TDSServ (3 infections)

Registry Key

Medium -> trojan.fakeAlert (4infections)

Registry Value

Registry Key

Registry Value to be REpaired

Checked it all, fixed Checked, Then it takes me to the pay $29.99 to run the fix.

Before I do that, I am going to try other things, see what my bIL has at his house. He is a computer guy.

We have a program that I can copy the screen shot, so I expanded all the details, like the "HKEY_USERS......" stuff for him to look at.

Link to comment
Guest SUNTZU

Guest SUNTZU

Posted
Posted

I had the original error message that you posted that started yesterday afternoon. Computer was fine, left for dinner, came back, can't access the web. Ran a test and it said everything was golden, but still wouldn't connect. My GF had just downloaded the latest IE, which I hate, and I had her switch to firefox after she got a temporary MSN explorer membership. Since then, no problems. I use Comcast as well.

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted
Sorry about that. I didn't know they would charge for removal. :up: All the removal tools I have used were free. You might try searching for another IAMFAMOUS removal tool.

That's ok. I was able to do a screen shot for my BIL. My BIL is a computer guy, very good, I just hate going up and saying my crap is broke, fix it please...LIke I know he gets! And the rest of you computer guys, you are free family tech support all on you day's off!

Link to comment
Guest Astra900

Guest Astra900

Posted
Posted

Thanks DB, you made me appreciate something I take for granted. My Mac. No spy, spam, ad, pop ups, or viruses. :up: While not invulnerable by no means, certainly a higher immune system. Any prospective "new comp buyers" would do well to consider it.

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted
Thanks DB, you made me appreciate something I take for granted. My Mac. No spy, spam, ad, pop ups, or viruses. :up: While not invulnerable by no means, certainly a higher immune system. Any prospective "new comp buyers" would do well to consider it.

:hyper:

:D

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted

Final update. I just unhooked from being direct wired into the router, I also unhooked the router for a little bit, rehooked everything like it is suppose to do and I am back using wifi again. Not sure what the hell I did, but hey, it' working now.

Malwarebytes is still running, going on 40 minutes, it has found one thing. Going to let it finish. The spyware doctor still found those items that I typed out in response to Reservoir Dog's post. So I will continue to try to get those deleted.

Thanks everybody.

Did I mention my shoulder is hurting like hell from shooting those 12 guage slugs through that Saiga!! Great feeling!

Link to comment
Guest db99wj

Guest db99wj

Posted
Posted

malwarebytes finished, only found a minor thing, not the others.

Malwarebytes' Anti-Malware 1.33

Database version: 1712

Windows 5.1.2600 Service Pack 3

1/31/2009 11:19:18 PM

mbam-log-2009-01-31 (23-19-18).txt

Scan type: Full Scan (C:\|)

Objects scanned: 140518

Time elapsed: 46 minute(s), 42 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Program Files\foxnewstalk\foxnewstalkToolbarHelper.exe (Adware.NetPumper) -> Quarantined and deleted successfully.

Too tired, deal with the rest tomorrow.

Link to comment
~Emily~ Established Contributor

~Emily~

Posted
Posted (edited)

For future reference, another on-line scanner is F-Secure. Scroll down the page at http://support.f-secure.com/enu/home/ols.shtml and click on "Start Scanning". (I use this from FireFox so any browser works.) The F-Secure scanner check also checks root keys.

Plus, http://www.pchell.com has tips and links to fixing specific problems, spyware, viruses, etc.

Edited by ~Emily~
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go to topic listing

TGO HELPFUL LINKS

Outside of TGO...

TRADING POST NOTICE

Before engaging in any transaction of goods or services on TGO, all parties involved must know and follow the local, state and Federal laws regarding those transactions.

TGO makes no claims, guarantees or assurances regarding any such transactions.

THE FINE PRINT

Tennessee Gun Owners (TNGunOwners.com) is the premier Community and Discussion Forum for gun owners, firearm enthusiasts, sportsmen and Second Amendment proponents in the state of Tennessee and surrounding region.

TNGunOwners.com (TGO) is a presentation of Enthusiast Productions. The TGO state flag logo and the TGO tri-hole "icon" logo are trademarks of Tennessee Gun Owners. The TGO logos and all content presented on this site may not be reproduced in any form without express written permission. The opinions expressed on TGO are those of their authors and do not necessarily reflect those of the site's owners or staff.

TNGunOwners.com (TGO) is not a lobbying organization and has no affiliation with any lobbying organizations.  Beware of scammers using the Tennessee Gun Owners name, purporting to be Pro-2A lobbying organizations!

×
×
  • Create New...

Important Information

By using this site, you agree to the following.
Terms of Use | Privacy Policy | Guidelines
 
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.