As I suspected earlier, you are seeing the effects of a hijackware
infection!
NB: If you had no anti-virus application installed or the subscription
had
expired *when the machine first got infected* and/or your subscription
has
since expired and/or the machine's not been kept fully-patched at
Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!
Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including
unwanted software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1
Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/
Otherwise...
1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx
NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.
2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan
(only!) in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm
2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm
3. Now run a thorough check for hijackware, including posting requested
logs in an appropriate forum, not here. DO NOT SKIP THIS STEP!!
Checking for/Help with Hijackware:
•
http://mvps.org/winhelp2002/unwanted.htm
•
http://inetexplorer.mvps.org/tshoot.html
•
http://www.mvps.org/sramesh2k/Malware_Defence.htm
•
http://www.elephantboycomputers.com/page2.html#Removing_Malware
**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**
If these procedures look too complex - and there is no shame in
admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair
shop.
Adela wrote:
Hi again Robear. I did all the suggestions you gave me, including the
Reset, also tested it, and it sitll has the 3 errors. On restarting
it,
the
anti-malware Hitman Pro found 3 items which I list below in case they
mean
anything?:
atapl.sys
C:\Windows\System32\drivers (rootkit)
sdra64.exe
C:\Windows\System32\ (malware)
windir.exe
Documents and Settings\My Name\Local Settings\Temp (malware)
Is there something else that can be done to fix the errors? But
meantime,
I'll wait for you to please tell me:
which of the Adobe Reader v9.3.1 I should download, per my previous
email
to
you.
Also, is there another way to get rid of the very long list of Google
history files where the "Delete History" button cannot be seen?
Thank you very much for all your help!
) Adela
My new computer came with a paid-up McAfee but shortly after I
foolishly
paid again for Norton on someone's recommendation. At present I have
Avira
Antivir personal free.
Assuming you uninstalled the McAfee application and the Norton
application
prior to installing Avira AntiVir:
1a. Download the Norton Removal Tool, saving it to your desktop:
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
1b. Download the McAfee Consumer Products Removal Tool, saving it to
your
desktop:
http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
2. Close all open applications (i.e., anything with an icon on the
taskbar).
3. Double-click on the file you saved in #1a above to run the utility.
Don't TOUCH your keyboard until the run completes, then reboot.
4. Double-click on the file you saved in #1b above to run the utility.
Don't TOUCH your keyboard until the run completes, then reboot.
5. Do a Reset per
http://www.malwarehelp.org/how-to-reset-internet-explorer-6-to.html
6. Test to see if you still get the errors.
IN RE Adobe Reader: Uninstall your current version of Adobe Reader
then...
- Download/install Adobe Reader v9.3.1 via this page:
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows;
or...
- Download/install Foxit Reader (free) via this page:
http://www.foxitsoftware.com/pdf/rd_intro.php
Adela wrote:
Hello and thank you Robear!
1. Why hasn't WinXP SP3 been installed by now?
I am getting SP3 as soon as I complete fixing these "infections" (or
whatever they are). I'm aware they will discontinue support in July.
I
also plan on upgrading to IE8 at that time.
2. Why isn't Adobe Reader v9.3.1 installed? See
http://www.adobe.com/support/security/bulletins/apsb10-07.html
I thought it updated itself automatically as I vaguely recall ir
running...I
gues not. Thru the above link you so kindly gave me I learned I have
version 8.0.0. and, while they say that one can download if one has
version
9.3, they dont' say what to do if one has older versions. Do you
happen
to
know?
3. Has a Norton or McAfee application ever been installed on the
computer
(e.g., a free-trial version that came preinstalled when you bought
it)?
My new computer came with a paid-up McAfee but shortly after I
foolishly
paid again for Norton on someone's recommendation. At present I have
Avira
Antivir personal free.
4. Does the behavior persist after doing a Reset? See
http://www.malwarehelp.org/how-to-reset-internet-explorer-6-to.html
Wow the reset sounds awfully complicated. I noticed that the
Internet
Option screenshots are different from mine which will cause
additional
problems. However, if I must, I will do it...with a prayer. LOL!
Thank you again! Adela
1. Why hasn't WinXP SP3 been installed by now?
NOTE: Extended Support for WinXP (x86) SP2 ends on 13 July 2010.
After
that date, computers running WinXP (x86) SP2 will NOT be offered any
further critical security updates, Automatic Updates will not work,
and
Windows Update website will not be accessible until SP3 is
installed.
2. Why isn't Adobe Reader v9.3.1 installed? See
http://www.adobe.com/support/security/bulletins/apsb10-07.html
3. Has a Norton or McAfee application ever been installed on the
computer
(e.g., a free-trial version that came preinstalled when you bought
it)?
4. Does the behavior persist after doing a Reset? See
http://www.malwarehelp.org/how-to-reset-internet-explorer-6-to.html
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002
Adela wrote:
[MS WinXP Home 2002 - SP2; OE 6; IE 6; MS Office Pro; Avira
Antivir
Personal Free anti-virus; Dell Dimension XPS T448MHz Pentium III;
384MB
RAM;
high speed cable; WordPerfect8; Lexmark Laser printer "Optra E310";
Windows
Media Player; Adobe Reader 8; Adobe Flash Player 10 Activex..]
Hello, I have 3 error msgs that I think may have to do with windows
and
IE6;
if not, please forgive and tell me where to post? They've been
making
my
life miserable. Thanks.
1. "This program is not responding and it will shut off." (More
and
more
frequent)
2. The Google "Delete History" button is covered by a very long
list
ALL
the way down so I haven't been able to delete it. (Cleaning out
Internet
Options doesn't help)
3. This is only a few days old: "The document has moved,
redirect..."
Thanks so much for any suggestions to fix those wretched things.
o)
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 4983 (20100329) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
Adela