SP2 and frames not loading

[Jeremy]

Well, this is my home computer that I built myself, and
I'm the only one who uses it, so I don't see how that is
possible. This only started happening after I installed
SP2, so I think it was Microsoft that entered doublick
for me.

How do I remove it from my HOSTS file? I don't care
about the ad-ware as long as I can regain my Internet
functionality. Thank you.

I'm using SP2 with XP Home. What I have discovered is
that, on several websites, there are several frames on
the page I'm at that don't load, but instead have
the "This page cannot be displayed" text on them.
Checking out the properties of these frames, they almost
always have something to do with doubleclick.net.

Also, when this happens, I notice that my back button
stops working (as others have documented here). If
I click the little arrow next to the back button to see
what pages are in my back history, instead of seeing the
last page I visited I see several entries also having to
do with doubleclick.net.

For instance, when I visit www.angelsbaseball.com, I get
three frames that do not load now. The URL address that
shows up in their properties is:

res://C:\WINDOWS\system32
\shdoclc.dll/dnserror.htm#http://ad.doubleclick.net/adi/an
gels.mlb/homepage;pos=1;sz=178x60;tile=1;ord=997109074?

Now when I click the little arrow next to my back button
there are three instances of:

http://ad.doubleclick.net/adj/angels.ml

as if the browser thinks I just visited that site three
times or something. So when I click the back button it
tries to take me to that site. Also, in the status bar
at the bottom of IE6 I see that it is trying to connect
to that site, and also to http://127.0.0.1

This problem happens on other sites such as ebay as
well. Does anyone know how to get around this? I've
tried disabling the popup blocker, changing my security
settings, looking at my antivirus settings, deleting all
my cookies and temp. internet files, clearing the SSL
states of my certificates, etc etc. Nothing has worked
yet. Could it have something to do with my router and a
port that needs to be opened? I am using a Linksys
BEFSR41 with the most updated firmware (and incidentally
I have no problems with the linksys website).

Please help!

This is not a bad thing, it is a good thing. You DON'T
want anything from
doubleclick. Some nice person has entered it into your
HOSTS file and set
it to 127.0.0.1 (your machine).

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/

 

[Bryan Martin]

I seen this earlier and it may help

I've noticed that since SP2 came out, that Florida has been hit by two
hurricanes, with a possible third one on the way. Things like that
never happened before Microsoft issued SP2... there must be a direct
connection.

No but really. SP2 did NOT cause your browser to be hijacked. Try
downloading a spyware application such as ad-aware from
http://www.lavasoftusa.com that may rid you of this.

 

[PA Bear]

...I don't care

about the ad-ware as long as I can regain my Internet
functionality.

If you allow the adware, you won't have internet functionality for very
long, my friend.

Changes to Functionality in Microsoft Windows XP Service Pack 2
Browsing Security Enhancements
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx

WinXP SP2: What's New for Internet Explorer and Outlook Express
http://www.microsoft.com/windowsxp/sp2/ieoeoverview.mspx
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE), AH-VSOP

Are You Ready for WinXP SP2?
http://www.microsoft.com/athome/security/protect/default.aspx

WinXP SP2 Release Notes
http://support.microsoft.com/default.aspx?scid=kb;en-us;835935

AumHa Forums
http://forum.aumha.org

 

[Guest]

">If you allow the adware, you won't have internet
functionality for very

long, my friend."

What I mean is that I run Ad-Aware and Spybot daily.

The fact that I built my own machine should clue you in
that I'm not a *total* noob, shouldn't it?

My question is still out there--do you know how I can get
into my HOSTS files and see if doubleclick is indeed in
there?

 

[PA Bear]

">If you allow the adware, you won't have internet
functionality for very

What I mean is that I run Ad-Aware and Spybot daily.

Doublechecking:

Are you running Ad-aware SE? Have you downloaded the latest version (there
have been 3 so far) of the 1.04 update? Have you reconfigured Ad-aware per
http://aumha.org/forum/viewtopic.php?t=5877? Do you run Ad-aware in Safe
Mode? Are you running Spybot v1.3.012 with 30 Aug-04 updates? Have you
ever Immunized All on Spybot's Immunize tab?

The fact that I built my own machine should clue you in
that I'm not a *total* noob, shouldn't it?

The two conditions are *not* mutually exclusive, I'm afraid. No offense
intended but my neighbor built his Heathkit himself and *is* a total noob
(whatever that is).

My question is still out there--do you know how I can get
into my HOSTS files and see if doubleclick is indeed in
there?

Sure. Take a peek at http://mvps.org/winhelp2002/hosts.htm, a page you'd
have found /immediately/ after going to this page which I posted somewhere
in this thread (and in about 2,600 others in the past 12 months):
http://mvps.org/winhelp2002/unwanted.htm
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE), AH-VSOP

Are You Ready for WinXP SP2?
http://www.microsoft.com/athome/security/protect/default.aspx

WinXP SP2 Release Notes
http://support.microsoft.com/default.aspx?scid=kb;en-us;835935

AumHa Forums
http://forum.aumha.org

 

[Robert Aldwinckle]

....

My question is still out there--do you know how I can get
into my HOSTS files and see if doubleclick is indeed in
there?

Assuming the SP2 in the Subject: line means XPsp2
you could do this in a command window (while disconnected):

ipconfig /flushdns
ipconfig /displaydns | find /i "doubleclick"


To find the location of your HOSTS file (if there is one) enter:

netsh diag show adapter /v | find /i "DatabasePath"


The path for your HOSTS file is usually
<example>
DatabasePath = %SystemRoot%\System32\drivers\etc
</example>

However, certain malware is known to change this
So be certain that you find and edit the correct file.


HTH

Robert Aldwinckle
---