I've got a bit of a virus/spyware problem
MrBananagrabber
08-01-2005, 12:53 PM
Hey, I'm not really the most technically savvy person around, so I figured I'd ask for a bit of computer help here. I'd just like to be pointed in the direction of a message board/website or something that would help.
I've had a few weird problems on my computer (Running Windows XP Pro, Service Pack 2). The most annoying one is that, while on AIM, it sends out IMs to everyone on my buddy list (usually when I go idle) saying something along the lines of "Is THIS someone you know?" where you can click on the word "this". At startup, Internet Explorer pops up to a website that says "My Test Page, Under Construction". The URL is http://205.209.167.44/~magic3/testz0r.htm. I'd suggest you not click that, just in case it has something to do with it and I'd hate to give anyone else this problem.
I also get a strange error whenever I start up my computer (ZeroCfgSvcMFC Application Error), and CWShredder gives me an error when Windows starts up, too. I've run Symantec and Trend's House Call virus scans, and they don't pick anything up. However, some spyware is getting picked up, and now when I try to delete it, the computer blue screens. The thing is called MediaGateway/WindUpdate. And, to make things even better, I can no longer start up in safe mode, the computer automatically reboots when I try to.
I would normally call tech support for this sort of thing, but Hypersonic charges $130 for a one-time deal, and it just seems like an absolute rip-off. And since "run some scans in safe mode" is as technical as I can get with this sort of thing, I'm out of ideas. If anyone has had this problem before, or knows a direction to point me in, I'd really appreciate the help. Thanks!
nonamehere
08-01-2005, 03:19 PM
AHHHHH, pressed back and deleted the big post I was making, so I'll just wrap it up.
I know a few ways to fix that problem, here's 3:
- Back up the computer (formats all hard drive and restores it)
- Close the suspicious processes in Task Manager and then delete some suspicious files (you need some knowledge)
- Try to connect with someone to fix it. There are remote connection programs like radmin (http://radmin.com/); with that, someone can connect to your computer from anywhere in the world and then he can fix it for you. Don't worry, you control who can go in and out.
- Download Ad-Aware from places like www.cnet.com; there's also more advice on how to remove it there too.
There are other things you can do, but these are the simplest ones I could think of. Hope that helped a little :zim:
solarflere
08-02-2005, 02:29 AM
First off, there is something fishy with IP 205.209.167.44 in the URL. I can't ping it, I can't use whois on it, BUT when I try to trace the route manually it reaches the host but my firewalls get attacked and my router resets. The only time my router will reset is if it can't shake off the attacker so it changes my IP. This leads me to believe that there is an automated aggressive port scan on that IP. It is most likely a server and most likely Linux OS (because I had difficulty pinging it). It is also protected by various firewalls. The strange part about it is that the website itself is clean: no ActiveX plug-in, no Java applets and no Flash; in other words, no automated install. But there is a JavaScript on the page. I am not sure what it is supposed to do (it seems to me that it is supposed to install some sort of adware but it needs some sort of trigger to do it); the site itself is dead.
<script language="javascript" type="text/javascript" src="http://static.windupdates.com/prompts/a273af75/a279aa.js"></script>
<script language="javascript" type="text/javascript">self.focus();</script>
If you notice, there is a URL windupdates.com. The site is legit but it's ad-delivering software.
What is Wind Updates?
Wind Updates is free ad delivery software which provides targeted advertising offers.
How did Wind Updates get installed on your computer?
You downloaded Wind Updates from a Website that is able to offer its content for free because it shows the Wind Updates ActiveX popup. The Wind Update program is installed only once the user has agreed to it by clicking “yes” on the ActiveX. Through the ActiveX, the user can review the license terms and privacy policy before installing the software. Each and every distributor is carefully reviewed to make sure that their distribution techniques abide by a strict code of conduct.
If you do not remember having seen an ActiveX prompt, you might have downloaded Wind Updates from a popular free software product (screensavers, games, file sharing software, etc.). Users always have to opt-in before installing the Wind Updates software.
Removal instructions:
Wind Updates supports many free software products through its advertising relevancy technology. If you remove Wind Updates from your system, certain free software that you installed may no longer function properly and you may have to reinstall them from a backup.
If you are sure that you want to remove Wind Updates from your computer just follow these two easy steps:
Click Start -> Control Panel -> Add/Remove Programs
Scroll to Wind Updates and click Remove
End User License Agreement:
Please find an up to date copy of Wind Update’s End User License Agreement at http://www.windupdates.com/license.html
I would use Ad-Aware and remove it; if it doesn't work, use their removal method.
It seems to me that that is the root of your problems. Getting rid of it should solve your error messages also. Good luck.
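Added example, not part of solarflere's post: a static check of a saved copy of a page that lists which hosts its scripts load from, without fetching or running anything. The sample input is the two tags quoted in the post and the page address from the first post; the names `ScriptCollector` and `audit_scripts` are made up for this sketch.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# The two tags quoted in the post above, reused as offline sample input.
SAMPLE_HTML = (
    '<script language="javascript" type="text/javascript" '
    'src="http://static.windupdates.com/prompts/a273af75/a279aa.js"></script>\n'
    '<script language="javascript" type="text/javascript">self.focus();</script>'
)
# Page address as given in the first post of the thread.
PAGE_URL = "http://205.209.167.44/~magic3/testz0r.htm"


class ScriptCollector(HTMLParser):
    """Collects src URLs of external scripts and the bodies of inline ones."""

    def __init__(self):
        super().__init__()
        self.external = []
        self.inline = []
        self._in_inline = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.external.append(src)
            else:
                self._in_inline = True
                self.inline.append("")

    def handle_data(self, data):
        if self._in_inline:
            self.inline[-1] += data

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_inline = False


def audit_scripts(html, page_url):
    """Return (third-party script hosts, inline script bodies) for saved HTML."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    page_host = urlparse(page_url).hostname
    # Resolve relative and protocol-relative src values against the page URL.
    hosts = [urlparse(urljoin(page_url, s)).hostname for s in collector.external]
    third_party = sorted({h for h in hosts if h and h != page_host})
    return third_party, [body.strip() for body in collector.inline]
```

Run against the sample, it reports `static.windupdates.com` as the only third-party script host and `self.focus();` as the only inline script, which matches what the post describes.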
MahouShoujo13
08-02-2005, 02:34 AM
Guessing from solarflere's post there might be a hacker.
I don't really know what to say, but download some software that gets rid of spyware, adware, etc...like McAfee or SpyBot: Search and Destroy.
You can also get some help from Sampo or any other people here that know computers.
solarflere
08-02-2005, 03:09 AM
It could be a hacker, but he is sloppy: he left his URL and it's traceable if you put enough effort into it. It seems the server is on auto now; I don't think the hacker is sitting behind his PC and messing with you now.