I really need some help...please??

Discussion in 'Computer Security' started by pengie, Jul 31, 2008.

  1. pengie

    pengie Bit Poster

    Hi everybody,

    Yesterday my Mum's desktop PC started acting very odd. Every time a website address is typed into the address bar it takes me to the Google search page, which gives me the results for the address I typed in rather than actually taking me to the website... 2 error messages also keep popping up... the first message is when the PC is first switched on, which says the following:

    Exception Processing Message c0000013 Parameters 75b6bf9c 4 75b6bf9c 75b6bf9c

    The other message which pops up is...

    16 bit MS-DOS Subsystem
    C:\WINDOWS\System32\SoftwareDistrbution32\mmc.exe
    The NTVDM CPU has encountered an illegal instruction
    CS:0000IP:e467 OP:74 db 3c 45 75
    Choose close to terminate the application


    Just before this started, a lot of pop-ups started appearing.
    I have run Norton Internet Security - Full System Scan and it threw up something called WinReanimator, but said that it cannot be removed from an unsupported file and so it doesn't give the option to fix or remove.

    Can somebody help...please?!
    Thank you for taking the time to read this.

    From a very worried pengie x
     
  2. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    Sounds like some malicious software is on the computer. Try another antivirus program; my personal opinion is Norton is bollocks and not as good as some free stuff like AVG.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  3. pengie

    pengie Bit Poster

    Thank you for replying...
    This may sound like a silly question, but how could I download AVG if I can't get to their website??...even when I get redirected to Google I still can't click on any of the links, as a pop-up pops up instead.

    Any ideas??

    pengie x
     
  4. Cockles

    Cockles Megabyte Poster

    Could you not download AVG as an executable file on another PC, save it on a flash drive, then install it back on the infected PC, that's what I did with my one (my home PC is not online), then do a scan?

    Failing that, you could do the same with another browser like Firefox, stick it on a flash drive and again install it on the home PC and see if that too is also bothered by whatever it is.
     
    Certifications: None
    WIP: Trying to find my car keys
  5. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    Good ideas there.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  6. craigie

    craigie Terabyte Poster

    If you are running XP, you could try System Restore to a previous date and see if this fixes the issues or allows you to download AVG.

    I would also recommend downloading Adaware or Windows Defender as well to remove any 'spyware'.

    Also, go into IE7 and click Tools > Manage Add-ons and disable all add-ons that are not required. This may mean that you are able to access the Web to download AVG.

    If you are running Vista, again try a System Restore and Click Start > All Programs > Accessories > System Tools > IE7 No Addons

    Please let us know how you get on.
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5
  7. craigie

    craigie Terabyte Poster

    Just googled the issue and it appears it can be something to do with iTunes or QuickTime.

    Taken from Tech Guys Forum

    "I can offer you a solution and fix to this one

    I'm willing to guess it is being caused by a program called dit.exe which is installed by some card reader software to allow you to name the drives and for them to have individual icons.

    It runs on startup and is a pretty much useless process.

    Initially you should test to see if it is causing you problems.

    Run msconfig and if it appears in your startup list disable it and restart

    if that solves your problem then delete dit.exe from your windows folder (you can also get rid of dit.dll, dit.ini and ditxp.exe)

    You should now do a registry sweep to get rid of any dit.exe entries

    Hope that fixes the problem for you"
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5
  8. disarm

    disarm Byte Poster

    Run Spybot on the bitch, and get rid of Norton!
     
  9. pengie

    pengie Bit Poster

    I have got rid of Norton and installed AVG.

    The problem regarding being redirected to Google has now stopped, but I'm still getting A LOT of pop-ups appearing and warnings of tracking cookies...any ideas on how to solve this issue??

    ALSO - Do I need a firewall or any other programme now I've got rid of Norton??

    P.S. - Thanks for the help regarding getting rid of Norton and using AVG!!
     
  10. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    Yes, get a firewall. If you are looking for a free firewall, look at Comodo Firewall; it's very good but quite advanced. If you are looking for the best security suite (firewall and antivirus and spyware killer), try NOD32; you can get a 30 day free trial at the moment. www.eset.co.uk

    Visit www.trendmicro.com and run the free scan; it will scan your computer for spyware, greyware and viruses. It sounds to me like there are still some bad things running in the background which you may have allowed by accident.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  11. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    Have you tried an AV scan in safe mode?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  12. pengie

    pengie Bit Poster

    I haven't tried an AV scan in safe mode...how would I do that??

    I have also noticed that I keep setting the privacy settings to default and applying them, only to find that the next time I check them they have set themselves to "accept all cookies"...could this have something to do with why the PC is acting so weird with all the pop-ups??

    GBL - Thanks for the firewall information you have given.

    pengie x
     
  13. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    When you boot or start the computer you get what's called the POST screen with all the info on your system. Whilst it displays this info, press F8; Windows will boot into a mode that attempts to protect its settings by only using minimal apps and drivers.

    When Windows boots, try a scan with your antivirus.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  14. pengie

    pengie Bit Poster

    I have run an AV scan in safe mode but the PC is no different.
    When I turn the PC off and then back on again, the AVG Resident Shield keeps popping up in the bottom right hand corner of the screen telling me that a threat has been removed. The threat is...

    File name: C:\WINDOWS\system32\pjuezl.dll
    Threat name: Trojan horse BHO.FCF
    Detected on open.

    I must have had at least 100 of this exact same file name and threat name pop-up on the AVG resident shield in 2-3 minutes.

    Another thing I have noticed is that I can't turn on Windows automatic updates...it says it's on but I keep getting a balloon in the bottom right hand corner of my screen telling me to switch it on...the security/cookie settings are still remaining at "accept all cookies", although I can't sign on to any site, and if I do I get booted out if I move to another page on the site...it takes me ages to sign in here even if I tick the box to "remember me".

    I have the windows xp firewall switched on...I have run adaware and spybot s&d.

    What else can I do...nothing I do seems to be making any difference :(

    pengie x
     
  15. Theprof

    Theprof Petabyte Poster

    Try running a rootkit scan using Stinger from McAfee or a different one. If there's nothing there, then at this point, if the anti-virus is not helping, you might want to start backing up your stuff and consider doing a reinstallation of Windows. Basically deleting the partition, recreating a partition and installing Windows.

    Before you wipe out the partition try running "hijack this" and see if there's anything showing up in that app.
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA
  16. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    BHO is a Browser Helper Object. In this case something has got hooked into IE, hence your problems with browsing etc.

    It will probably show up in HijackThis, but knowing which entry to delete is sometimes difficult.

    There is an excellent site at CastleCops that has a procedure to follow, and expert help if that procedure fails to fix the problems.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
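
The BHO entries discussed above show up in a HijackThis log as "O2 - BHO:" lines. As an added example (not part of the original thread and not HijackThis's own code), this Python script extracts those lines and lists cues worth a closer look. The sample log is constructed: only the pjuezl.dll path comes from the thread, the CLSIDs and other entries are placeholders, and the "random-looking name" heuristic is an assumption, not a verdict.

```python
import re

# HijackThis lists each Browser Helper Object on one "O2 - BHO:" line:
#   O2 - BHO: <name> - {CLSID} - <path to DLL>[ (file missing)]
O2_LINE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)

# Constructed sample log. Only the pjuezl.dll path comes from the thread;
# names, CLSIDs and the other paths are made-up placeholders.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\system32\pjuezl.dll
O2 - BHO: Example Reader Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\ExampleVendor\helper.dll
O2 - BHO: Old Toolbar - {00000000-0000-0000-0000-000000000003} - C:\Program Files\OldToolbar\tb.dll (file missing)
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\ExampleVendor\tray.exe
"""

def looks_random(stem):
    """Assumed heuristic: a short, all-letter name with few vowels."""
    if not stem.isalpha() or not 5 <= len(stem) <= 10:
        return False
    vowels = sum(ch in "aeiou" for ch in stem.lower())
    return vowels / len(stem) < 0.35

def triage_bho_entries(log_text):
    """Return every O2 entry with the reasons it deserves a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = O2_LINE.match(line.strip())
        if not m:
            continue  # not a BHO line (for example the O4 autorun entry)
        path = m.group("path")
        folder, _, filename = path.rpartition("\\")
        stem = filename.rsplit(".", 1)[0]
        reasons = []
        if m.group("name") == "(no name)":
            reasons.append("no registered name")
        if m.group("missing"):
            reasons.append("file missing")
        if folder.lower().endswith("\\system32") and looks_random(stem):
            reasons.append("random-looking DLL directly in system32")
        findings.append({"clsid": m.group("clsid"), "path": path, "reasons": reasons})
    return findings

if __name__ == "__main__":
    for entry in triage_bho_entries(SAMPLE_LOG):
        print(entry["path"], "->", ", ".join(entry["reasons"]) or "nothing flagged")
```

An entry with no reasons is not proven clean, and a flagged one is not proven malicious; the output only narrows down which O2 lines to research before removing anything.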
  17. derkit

    derkit Gigabyte Poster

    May also be worth having a look for an application called ComboFix - have used this successfully a couple of times.
     
    Certifications: MBCS, BSc(Hons), Cert(Maths), A+, Net+, MCDST, ITIL-F v3, MCSA
    WIP: 70-293
  18. pengie

    pengie Bit Poster

    Again thank you for your replies.

    I have visited the CastleCops procedure like hbroomhall said and ran the HijackThis scan like it said. It then said
    "next step - The control panel - add/remove programs"
    "Temporarily disable real time monitoring program"

    The thing is I don't know what I'm supposed to be disabling or how to do it...could anybody tell me so I can finish the rest of the procedure??

    pengie x
     
  19. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    If you click the link it gives expanded info on various things like Adaware, and why you need to do this.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  20. pengie

    pengie Bit Poster

    While following the CastleCops procedure the PC has begun to keep restarting itself, so I can't actually scan the PC with SUPERAntiSpyware...I'm just lost now, I have no idea what to do other than what was said earlier about deleting and recreating a partition, but how would I go about doing that??
     
