Thanks PA Bear for your suggestions!
I renamed the file HOSTS, rebooted. The behavior persisted.
I have done an upgrade reinstall of Windows XP SP2 in Windows. Should I do
a
Repair Install by booting from the Windows XP CD?
Regards,
Dima
PA Bear said:As Frank suggested, open Windows Explorer to
C:\Windows\System32\drivers\etc
<=this folder | Right-click on the file HOSTS (not LMHOSTS; no extension)Rename it to OLDHOSTS | Reboot.
If the behavior persists, you've most likely got a hijackware infection.
(I suspect you may have already done a Repair Install because of this
infection; If so, only a format & reinstall would have fixed it.)
Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315
Run a /thorough/ check for hijackware, including posting your hijackthis
log
to an appropriate forum.
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware
When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for
review
by an expert in such matters, not here.**
If the procedures look too complex - and there is no shame in admitting
this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Hello!
Google shows correct search results at first, but then in a second the
page
replaces the search results with ads.
"PA Bear [MS MVP]" <[email protected]> Ñообщил/Ñообщила в новоÑÑ‚ÑÑ…
Ñледующее: CrystalBall© sez...
Updates are not installed successfully from Windows Update, from
Microsoft
Update, or by using Automatic Updates after you repair a Windows XP
installation:
http://support.microsoft.com/kb/943144
NB: Also applies to clean installs, upgrade installs, and Recovery
installs. --
~PA Bear
Dima wrote:
Thanks Robear for replying!
This problem began before I installed WinXP SP3.
IE7 was installed before WinXP SP3 was installed.
Office scan 8.710.1002 and Ad-Aware 2008 (definition file 0081.0000)
are
installed.
There is no third-party firewall.
Ad-Aware 2008 and Office scan 8.710.1002 were not running when I
installed
WinXP SP3.
Regards,
Dima
Did this problem begin after you installed WinXP SP3?
Was IE7 installed before or after WinXP SP3 was installed?
What anti-virus application or security suite is installed? What
anti-spyware applications (other than Defender)? What third-party
firewall (if any)? Were any of these applications running when you
installed WinXP SP3?
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Dima wrote:
Thanks Frank Saunders for suggesting!
I do not use a firewall. I clicked Start, clicked Run, typed
https://www.microsoft.com:443, and then clicked OK. I could connect
to
www.microsoft.com, and I did not receive an error message.
Sincerely,
Dima
"Frank Saunders MS-MVP IE,OE/WM" <[email protected]>
Ñообщил/Ñообщила в
новоÑÑ‚ÑÑ… Ñледующее:
Hello!
Windows Update site, www.lavasoft.com and some other security
sites
do
not
open. Windows Update downloads do not start even manually. Google
shows adds in the beginning of search results. Ad-Aware 2008
(definition file 0081.0000) does not remove the problem. OS is
Windows XP SP3. IE 7. Automatically downloaded updates do not
install
too. Office scan 8.710.1002 is not finding any viruses. SFC
/scannow
does
not
find any discrepancies.
Other peer computers in our network do not have the problem.
How to eliminate the problem?
Sincerely,
Dima
Make sure your firewall is not blocking port 443.
PA Bear said:A Repair Install (or upgrade Repair Install) is not going to help. Unless
you're willing to post your HijackThis log in an appropriate forum for
assistance (see my last reply), you'll have to format & reinstall Windows.
Thanks PA Bear for your suggestions!
I renamed the file HOSTS, rebooted. The behavior persisted.
I have done an upgrade reinstall of Windows XP SP2 in Windows. Should I do a
Repair Install by booting from the Windows XP CD?
Regards,
Dima
PA Bear said:As Frank suggested, open Windows Explorer to
C:\Windows\System32\drivers\etc
<=this folder | Right-click on the file HOSTS (not LMHOSTS; no extension)
Rename it to OLDHOSTS | Reboot.
If the behavior persists, you've most likely got a hijackware infection.
(I suspect you may have already done a Repair Install because of this
infection; If so, only a format & reinstall would have fixed it.)
Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315
Run a /thorough/ check for hijackware, including posting your hijackthis
log
to an appropriate forum.
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware
When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for
review
by an expert in such matters, not here.**
If the procedures look too complex - and there is no shame in admitting
this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Dima wrote:
Hello!
Google shows correct search results at first, but then in a second the
page
replaces the search results with ads.
"PA Bear [MS MVP]" <[email protected]> Ñообщил/Ñообщила в новоÑÑ‚ÑÑ…
Ñледующее: CrystalBall© sez...
Updates are not installed successfully from Windows Update, from
Microsoft
Update, or by using Automatic Updates after you repair a Windows XP
installation:
http://support.microsoft.com/kb/943144
NB: Also applies to clean installs, upgrade installs, and Recovery
installs. --
~PA Bear
Dima wrote:
Thanks Robear for replying!
This problem began before I installed WinXP SP3.
IE7 was installed before WinXP SP3 was installed.
Office scan 8.710.1002 and Ad-Aware 2008 (definition file 0081.0000)
are
installed.
There is no third-party firewall.
Ad-Aware 2008 and Office scan 8.710.1002 were not running when I
installed
WinXP SP3.
Regards,
Dima
Did this problem begin after you installed WinXP SP3?
Was IE7 installed before or after WinXP SP3 was installed?
What anti-virus application or security suite is installed? What
anti-spyware applications (other than Defender)? What third-party
firewall (if any)? Were any of these applications running when you
installed WinXP SP3?
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Dima wrote:
Thanks Frank Saunders for suggesting!
I do not use a firewall. I clicked Start, clicked Run, typed
https://www.microsoft.com:443, and then clicked OK. I could connect
to
www.microsoft.com, and I did not receive an error message.
Sincerely,
Dima
"Frank Saunders MS-MVP IE,OE/WM" <[email protected]>
Ñообщил/Ñообщила в
новоÑÑ‚ÑÑ… Ñледующее:
Hello!
Windows Update site, www.lavasoft.com and some other security sites
do
not
open. Windows Update downloads do not start even manually. Google
shows adds in the beginning of search results. Ad-Aware 2008
(definition file 0081.0000) does not remove the problem. OS is
Windows XP SP3. IE 7. Automatically downloaded updates do not
install
too. Office scan 8.710.1002 is not finding any viruses. SFC
/scannow
does
not
find any discrepancies.
Other peer computers in our network do not have the problem.
How to eliminate the problem?
Sincerely,
Dima
Make sure your firewall is not blocking port 443.
http://forums.subratam.org/index.php?showforum=7 does not reply to the
problem
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Hello!
http://forums.subratam.org/index.php?showforum=7 does not reply to the
problem and my Logfile of Trend Micro HijackThis v2.0.2.
http://aumha.net/viewforum.php?f=30 does not send a confirmation message
to
my e-mail.
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Please, help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:12:52, on 07.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
A Repair Install (or upgrade Repair Install) is not going to help.
Unless
you're willing to post your HijackThis log in an appropriate forum for
assistance (see my last reply), you'll have to format & reinstall
Windows.
Thanks PA Bear for your suggestions!
I renamed the file HOSTS, rebooted. The behavior persisted.
I have done an upgrade reinstall of Windows XP SP2 in Windows. Should I
do a Repair Install by booting from the Windows XP CD?
Regards,
Dima
As Frank suggested, open Windows Explorer to
C:\Windows\System32\drivers\etc
<=this folder | Right-click on the file HOSTS (not LMHOSTS; no
extension)
Rename it to OLDHOSTS | Reboot.
If the behavior persists, you've most likely got a hijackware
infection.
(I suspect you may have already done a Repair Install because of this
infection; If so, only a format & reinstall would have fixed it.)
Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315
Run a /thorough/ check for hijackware, including posting your
hijackthis
log
to an appropriate forum.
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware
When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to
use.
It will help you to both identify and remove any hijackware/spyware
with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for
review
by an expert in such matters, not here.**
If the procedures look too complex - and there is no shame in admitting
this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Dima wrote:
Hello!
Google shows correct search results at first, but then in a second the
page
replaces the search results with ads.
"PA Bear [MS MVP]" <[email protected]> Ñообщил/Ñообщила в новоÑÑ‚ÑÑ…
Ñледующее: CrystalBall© sez...
Updates are not installed successfully from Windows Update, from
Microsoft
Update, or by using Automatic Updates after you repair a Windows XP
installation:
http://support.microsoft.com/kb/943144
NB: Also applies to clean installs, upgrade installs, and Recovery
installs. --
~PA Bear
Dima wrote:
Thanks Robear for replying!
This problem began before I installed WinXP SP3.
IE7 was installed before WinXP SP3 was installed.
Office scan 8.710.1002 and Ad-Aware 2008 (definition file 0081.0000)
are
installed.
There is no third-party firewall.
Ad-Aware 2008 and Office scan 8.710.1002 were not running when I
installed
WinXP SP3.
Regards,
Dima
Did this problem begin after you installed WinXP SP3?
Was IE7 installed before or after WinXP SP3 was installed?
What anti-virus application or security suite is installed? What
anti-spyware applications (other than Defender)? What third-party
firewall (if any)? Were any of these applications running when you
installed WinXP SP3?
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Dima wrote:
Thanks Frank Saunders for suggesting!
I do not use a firewall. I clicked Start, clicked Run, typed
https://www.microsoft.com:443, and then clicked OK. I could
connect
to
www.microsoft.com, and I did not receive an error message.
Sincerely,
Dima
"Frank Saunders MS-MVP IE,OE/WM" <[email protected]>
Ñообщил/Ñообщила в
новоÑÑ‚ÑÑ… Ñледующее:
Hello!
Windows Update site, www.lavasoft.com and some other security
sites do
not
open. Windows Update downloads do not start even manually.
shows adds in the beginning of search results. Ad-Aware 2008
(definition file 0081.0000) does not remove the problem. OS is
Windows XP SP3. IE 7. Automatically downloaded updates do not
install
too. Office scan 8.710.1002 is not finding any viruses. SFC
/scannow
does
not
find any discrepancies.
Other peer computers in our network do not have the problem.
How to eliminate the problem?
Sincerely,
Dima
Make sure your firewall is not blocking port 443.
PA Bear said:We do not interpret or work with HijackThis logs in the public newsgroups.
http://forums.subratam.org/index.php?showforum=7 does not reply to the
problem
Allow a minimum of three (3) days for a reply to your posts in any forum.
http://aumha.net/viewforum.php?f=30 does not send a confirmation message to
my e-mail.
Assuming you registered successfully, look for a confirmation email from
(e-mail address removed) in your inbox of "spam trap". If no joy, tell me the username
you registered and I'll look into it.
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Possibly due to the infection(s).
Use another machine to post to any of these forums. It is not safe to have
the infected machine connected to the internet.
Again, a format & reinstall WILL resolve the problems.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Hello!
http://forums.subratam.org/index.php?showforum=7 does not reply to the
problem and my Logfile of Trend Micro HijackThis v2.0.2.
http://aumha.net/viewforum.php?f=30 does not send a confirmation message to
my e-mail.
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Please, help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:12:52, on 07.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
A Repair Install (or upgrade Repair Install) is not going to help. Unless
you're willing to post your HijackThis log in an appropriate forum for
assistance (see my last reply), you'll have to format & reinstall Windows.
Dima wrote:
Thanks PA Bear for your suggestions!
I renamed the file HOSTS, rebooted. The behavior persisted.
I have done an upgrade reinstall of Windows XP SP2 in Windows. Should I
do a Repair Install by booting from the Windows XP CD?
Regards,
Dima
As Frank suggested, open Windows Explorer to
C:\Windows\System32\drivers\etc
<=this folder | Right-click on the file HOSTS (not LMHOSTS; no extension)
Rename it to OLDHOSTS | Reboot.
If the behavior persists, you've most likely got a hijackware infection.
(I suspect you may have already done a Repair Install because of this
infection; If so, only a format & reinstall would have fixed it.)
Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315
Run a /thorough/ check for hijackware, including posting your hijackthis
log
to an appropriate forum.
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware
When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for
review
by an expert in such matters, not here.**
If the procedures look too complex - and there is no shame in admitting
this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Dima wrote:
Hello!
Google shows correct search results at first, but then in a second the
page
replaces the search results with ads.
"PA Bear [MS MVP]" <[email protected]> Ñообщил/Ñообщила в новоÑÑ‚ÑÑ…
Ñледующее: CrystalBall© sez...
Updates are not installed successfully from Windows Update, from
Microsoft
Update, or by using Automatic Updates after you repair a Windows XP
installation:
http://support.microsoft.com/kb/943144
NB: Also applies to clean installs, upgrade installs, and Recovery
installs. --
~PA Bear
Dima wrote:
Thanks Robear for replying!
This problem began before I installed WinXP SP3.
IE7 was installed before WinXP SP3 was installed.
Office scan 8.710.1002 and Ad-Aware 2008 (definition file 0081.0000)
are
installed.
There is no third-party firewall.
Ad-Aware 2008 and Office scan 8.710.1002 were not running when I
installed
WinXP SP3.
Regards,
Dima
Did this problem begin after you installed WinXP SP3?
Was IE7 installed before or after WinXP SP3 was installed?
What anti-virus application or security suite is installed? What
anti-spyware applications (other than Defender)? What third-party
firewall (if any)? Were any of these applications running when you
installed WinXP SP3?
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Dima wrote:
Thanks Frank Saunders for suggesting!
I do not use a firewall. I clicked Start, clicked Run, typed
https://www.microsoft.com:443, and then clicked OK. I could connect
to
www.microsoft.com, and I did not receive an error message.
Sincerely,
Dima
"Frank Saunders MS-MVP IE,OE/WM" <[email protected]>
Ñообщил/Ñообщила в
новоÑÑ‚ÑÑ… Ñледующее:
Hello!
Windows Update site, www.lavasoft.com and some other security
sites do
not
open. Windows Update downloads do not start even manually. Google
shows adds in the beginning of search results. Ad-Aware 2008
(definition file 0081.0000) does not remove the problem. OS is
Windows XP SP3. IE 7. Automatically downloaded updates do not
install
too. Office scan 8.710.1002 is not finding any viruses. SFC
/scannow
does
not
find any discrepancies.
Other peer computers in our network do not have the problem.
How to eliminate the problem?
Sincerely,
Dima
Make sure your firewall is not blocking port 443.
PA Bear said:My colleague Bill Castner agrees with me: Format & reinstall =>
http://aumha.net/viewtopic.php?f=30&t=33760
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Thank you, Dima. I have activated your account at AumHa Forums
(http://aumha.net) manually. You should be able to log-in and post now.
NB: Before you post your HijackThis log, see
http://aumha.net/viewtopic.php?t=4075
Thanks Robear Dyer for replying!
A confirmation email from (e-mail address removed) is not in my inbox of "spam
trap". The username I registered is kop.
The format & reinstall WILL be the last resort. I do not want to loose
rare
programs and settings.
"PA Bear [MS MVP]" <[email protected]> Ñообщил/Ñообщила в новоÑÑ‚ÑÑ…
Ñледующее: We do not interpret or work with HijackThis logs in the public
newsgroups.
http://forums.subratam.org/index.php?showforum=7 does not reply to the
problem
Allow a minimum of three (3) days for a reply to your posts in any forum.
http://aumha.net/viewforum.php?f=30 does not send a confirmation message
to my e-mail.
Assuming you registered successfully, look for a confirmation email from
(e-mail address removed) in your inbox of "spam trap". If no joy, tell me the
username you registered and I'll look into it.
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Possibly due to the infection(s).
Use another machine to post to any of these forums. It is not safe to
have
the infected machine connected to the internet.
Again, a format & reinstall WILL resolve the problems.
--
Dima wrote:
Hello!
http://forums.subratam.org/index.php?showforum=7 does not reply to the
problem and my Logfile of Trend Micro HijackThis v2.0.2.
http://aumha.net/viewforum.php?f=30 does not send a confirmation message
to my e-mail.
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Please, help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:12:52, on 07.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
<snip>
A Repair Install (or upgrade Repair Install) is not going to help.
Unless
you're willing to post your HijackThis log in an appropriate forum for
assistance (see my last reply), you'll have to format & reinstall
Windows. Dima wrote:
Thanks PA Bear for your suggestions!
I renamed the file HOSTS, rebooted. The behavior persisted.
I have done an upgrade reinstall of Windows XP SP2 in Windows. Should
I
do a Repair Install by booting from the Windows XP CD?
As Frank suggested, open Windows Explorer to
C:\Windows\System32\drivers\etc
<=this folder | Right-click on the file HOSTS (not LMHOSTS; no
extension) Rename it to OLDHOSTS | Reboot.
If the behavior persists, you've most likely got a hijackware
infection. (I suspect you may have already done a Repair Install
because of this infection; If so, only a format & reinstall would
have
fixed it.) Unexplained computer behavior may be caused by deceptive
software
http://support.microsoft.com/kb/827315
Run a /thorough/ check for hijackware, including posting your
hijackthis log
to an appropriate forum.
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware
When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to
use. It will help you to both identify and remove any
hijackware/spyware with assistance from an expert. **Post your log
to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for
review
by an expert in such matters, not here.**
If the procedures look too complex - and there is no shame in
admitting
this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
Dima wrote:
Google shows correct search results at first, but then in a second
the
page replaces the search results with ads.
CrystalBall© sez...
Updates are not installed successfully from Windows Update, from
Microsoft
Update, or by using Automatic Updates after you repair a Windows XP
installation:
http://support.microsoft.com/kb/943144
NB: Also applies to clean installs, upgrade installs, and Recovery
installs.
Dima wrote:
Thanks Robear for replying!
This problem began before I installed WinXP SP3.
IE7 was installed before WinXP SP3 was installed.
Office scan 8.710.1002 and Ad-Aware 2008 (definition file
0081.0000)
are
installed.
There is no third-party firewall.
Ad-Aware 2008 and Office scan 8.710.1002 were not running when I
installed
WinXP SP3.
Did this problem begin after you installed WinXP SP3?
Was IE7 installed before or after WinXP SP3 was installed?
What anti-virus application or security suite is installed? What
anti-spyware applications (other than Defender)? What
third-party
firewall (if any)? Were any of these applications running when
you
installed WinXP SP3?
--
Dima wrote:
Thanks Frank Saunders for suggesting!
I do not use a firewall. I clicked Start, clicked Run, typed
https://www.microsoft.com:443, and then clicked OK. I could
connect to
www.microsoft.com, and I did not receive an error message.
Make sure your firewall is not blocking port 443.
Hello!
Windows Update site, www.lavasoft.com and some other security
sites do
not
open. Windows Update downloads do not start even manually.
Google shows adds in the beginning of search results. Ad-Aware
2008 (definition file 0081.0000) does not remove the problem.
OS is Windows XP SP3. IE 7. Automatically downloaded updates
do
not install
too. Office scan 8.710.1002 is not finding any viruses. SFC
/scannow
does
not
find any discrepancies.
Other peer computers in our network do not have the problem.
How to eliminate the problem?
Thanks for replying!
Why format? Should a fresh OS install help alone?
Regards,
Dima
PA Bear said:My colleague Bill Castner agrees with me: Format & reinstall =>
http://aumha.net/viewtopic.php?f=30&t=33760
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Thank you, Dima. I have activated your account at AumHa Forums
(http://aumha.net) manually. You should be able to log-in and post now.
NB: Before you post your HijackThis log, see
http://aumha.net/viewtopic.php?t=4075
Dima wrote:
Thanks Robear Dyer for replying!
A confirmation email from (e-mail address removed) is not in my inbox of "spam
trap". The username I registered is kop.
The format & reinstall WILL be the last resort. I do not want to loose
rare
programs and settings.
"PA Bear [MS MVP]" <[email protected]> Ñообщил/Ñообщила в новоÑÑ‚ÑÑ…
Ñледующее: We do not interpret or work with HijackThis logs in the public
newsgroups.
http://forums.subratam.org/index.php?showforum=7 does not reply to
the
problem
Allow a minimum of three (3) days for a reply to your posts in any
forum.
http://aumha.net/viewforum.php?f=30 does not send a confirmation
message to my e-mail.
Assuming you registered successfully, look for a confirmation email
from
(e-mail address removed) in your inbox of "spam trap". If no joy, tell me the
username you registered and I'll look into it.
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Possibly due to the infection(s).
Use another machine to post to any of these forums. It is not safe to
have
the infected machine connected to the internet.
Again, a format & reinstall WILL resolve the problems.
--
Dima wrote:
Hello!
http://forums.subratam.org/index.php?showforum=7 does not reply to
the
problem and my Logfile of Trend Micro HijackThis v2.0.2.
http://aumha.net/viewforum.php?f=30 does not send a confirmation
message to my e-mail.
http://forums.spybot.info/forumdisplay.php?f=22 and
http://castlecops.com/forum67.html do not open on my computer.
Please, help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:12:52, on 07.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
<snip>
A Repair Install (or upgrade Repair Install) is not going to help.
Unless
you're willing to post your HijackThis log in an appropriate forum
for
assistance (see my last reply), you'll have to format & reinstall
Windows. Dima wrote:
Thanks PA Bear for your suggestions!
I renamed the file HOSTS, rebooted. The behavior persisted.
I have done an upgrade reinstall of Windows XP SP2 in Windows.
Should
I
do a Repair Install by booting from the Windows XP CD?
As Frank suggested, open Windows Explorer to
C:\Windows\System32\drivers\etc
<=this folder | Right-click on the file HOSTS (not LMHOSTS; no
extension) Rename it to OLDHOSTS | Reboot.
If the behavior persists, you've most likely got a hijackware
infection. (I suspect you may have already done a Repair Install
because of this infection; If so, only a format & reinstall would
have
fixed it.) Unexplained computer behavior may be caused by
deceptive
software
http://support.microsoft.com/kb/827315
Run a /thorough/ check for hijackware, including posting your
hijackthis log
to an appropriate forum.
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware
When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool
to
use. It will help you to both identify and remove any
hijackware/spyware with assistance from an expert. **Post your
log
to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums
for
review
by an expert in such matters, not here.**
If the procedures look too complex - and there is no shame in
admitting
this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
Dima wrote:
Google shows correct search results at first, but then in a
second
the
page replaces the search results with ads.
CrystalBall© sez...
Updates are not installed successfully from Windows Update, from
Microsoft
Update, or by using Automatic Updates after you repair a Windows
XP installation:
http://support.microsoft.com/kb/943144
NB: Also applies to clean installs, upgrade installs, and
Recovery
installs.
Dima wrote:
Thanks Robear for replying!
This problem began before I installed WinXP SP3.
IE7 was installed before WinXP SP3 was installed.
Office scan 8.710.1002 and Ad-Aware 2008 (definition file
0081.0000)
are
installed.
There is no third-party firewall.
Ad-Aware 2008 and Office scan 8.710.1002 were not running when
I
installed
WinXP SP3.
Did this problem begin after you installed WinXP SP3?
Was IE7 installed before or after WinXP SP3 was installed?
What anti-virus application or security suite is installed?
What
anti-spyware applications (other than Defender)? What
third-party
firewall (if any)? Were any of these applications running
when
you
installed WinXP SP3?
--
Dima wrote:
Thanks Frank Saunders for suggesting!
I do not use a firewall. I clicked Start, clicked Run, typed
https://www.microsoft.com:443, and then clicked OK. I could
connect to
www.microsoft.com, and I did not receive an error message.
Make sure your firewall is not blocking port 443.
Hello!
Windows Update site, www.lavasoft.com and some other
security
sites do
not
open. Windows Update downloads do not start even manually.
Google shows adds in the beginning of search results.
Ad-Aware 2008 (definition file 0081.0000) does not remove
the problem. OS is Windows XP SP3. IE 7. Automatically
downloaded updates do
not install
too. Office scan 8.710.1002 is not finding any viruses. SFC
/scannow
does
not
find any discrepancies.
Other peer computers in our network do not have the
problem.
How to eliminate the problem?
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.