Full Version: Browsers Hijacked - I Think ?
urbane.tiger
Hi

Most of the time when I click on a link I get a blank tab, or nothing. If I enter a URL manually, e.g. http://www,google.com, I sometimes get what appears to be what I want. However, sometimes I get nothing, e.g. http://www.yahoo.com does nothing, but http://www.yahoo.com\mail brings up the Yahoo Mail login screen. There are no other symptoms - no popups (they're blocked), system performance is normal.

This happens in my primary browser - Firefox - and my secondary browser - Internet Explorer. I have a tertiary browser (FF Portable) on a USB drive that I'm fairly certain is OK, but I'm loath to plug it in lest it suffers the same fate.

This morning, whilst looking for mailing list services, I stumbled upon something called Google Directory Services. Unfortunately I have cleared my browser history so I can't supply the URLs around that time. I am fairly certain it was at this time that my system got infected, not necessarily by Google Directory Services itself, but something around that "time slot", but who knows, the pathogen may have been incubating for days or even weeks.

I'm not convinced it's the browsers that are infected, it feels like something lower down in the hierarchy, which would explain why FF & IE7 behave the same. I feel I should know how to fix this, it feels simple - but I don't. I was going to clear my cookies, but the fact that both browsers are behaving the same makes me think that that's not the source of the problem, because each browser maintains its own cookie jar - don't they? I guess the pathogen may have initially infected FF then looked for other browsers and infected them similarly. I might download Opera to see what happens.

I don't have your preferred system info tool, Deckard's System Scanner, and the link on this site gets hijacked to a blank page. If I need to run it then I'll need an alternate source - e.g. send it to me as an email attachment.

I have run Kaspersky IS 7 (my primary security tool) Critical Area and Startup Object scans at maximum protection levels. I have also run Malwarebytes Anti-Malware (free) Quick Scan. No reports came from these scans. I have Avira, not installed but waiting in the wings so to speak. I'm going to start a Maximum Protection Kaspersky full system scan - that will take most of the day I suspect.

Briefly my system is Intel 6600 @ 2.4GHz, 3G RAM, 2 x 250G SATA disks etc.

* XP Home-SP3 (Microsoft Update reports that there are no high priority or application updates available)
* Firefox 2.0.0.14
* Internet Explorer (7.0.5739.13)
* Kaspersky Internet Suite version 7.0.1.325 database 20090505 053919
* Internet connection is ADSL2+ (i.e. LAN connect)



Thanks in anticipation
boopme
Hello, yes, please run the Kas scan and post the log if you would.
Also run this and return the log.

Download Atribune's ATF Cleaner and then SUPERAntiSpyware, Free Home Version. Save both to desktop.
DO NOT run yet.
Open SUPER from the icon, install it and update it.
Under Scanner Options make sure the following are checked (leave all others unchecked):
* Close browsers before scanning.
* Scan for tracking cookies.
* Terminate memory threats before quarantining.

Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode (XP)
Using the F8 Method
* Restart your computer.
* When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
* Select the option for Safe Mode using the arrow keys.
* Then press Enter on your keyboard to boot into Safe Mode.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser, click that browser at the top and choose: Select All.
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

NOW scan with SUPER
* Open from the desktop icon or the Program Files list.
* On the left, make sure you check C:\Fixed Drive.
* Perform a Complete scan. After the scan, verify they are all checked.
* Click OK on the summary screen to quarantine all found items.
* If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
* Click Preferences, then click the Statistics/Logs tab.
* Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
* If there are several logs, click the current dated log and press View log.
* A text file will open in your default text editor.
* Please copy and paste the Scan Log results in your next reply.
* Click Close to exit the program.

Please ask any needed questions, post the log and let us know how the PC is running now.
urbane.tiger
Did all that you suggested.

I now have the slowest booting computer in the solar system, maybe the galaxy or even the universe - I needed that like a hole in the head.

My system now takes over 6 minutes to boot from the F8 choices into Safe mode, when I went into safe mode to run ATF and Super it took the normal 10-20 seconds. If I boot normally it takes like FOREVER, at least 35 minutes, that's right minutes not seconds. Not only that but between the video reset and the Welcome screen (about 8 minutes) there's frigging bird song coming from the system speaker.

These behaviours were not manifest prior to following your advice. As I said in my original post, apart from the browser issues, there were no other symptoms. I am very confident I followed your instructions to the letter. You should probably know that I have about 40 years IT experience, although viruses, spyware etc are not my domain of expertise.

After the ATF cleanup, SuperAntiSpy reported no threats. I'm not going to post the log because I have no reason to believe that running ATF or SuperAntiSpy software again will not leave my system in an even more crippled state than it already is.

It should not surprise you that I would be extremely cautious in taking any further advice from you. I'm sure you are a decent person and did not set out to deliberately wreck my system and your advice was offered in good faith. But what's happened is what's happened and I hope you'll understand that I'd rather someone else picked up the ball.

rgds TUT



urbane.tiger
Hi, me again

Sorry, I forgot to mention that FF at least seems to be behaving OK, i.e. http://ww.yahoo.com takes me where I think it should, but I can't live in Safe on an 800 x 600 display, not sure that things like VS2008 will even work, let alone Expression Blend.


DaChew
QUOTE
I have about 40 years IT experience,


I would have already run Windows XP SP3 as a repair disk and I don't really consider myself an IT expert.

A badly broken computer is unpredictable when you start to try and clean it up.

I was trying to clean up a really bad one and each time I removed one set of files another set showed up. I went thru a lot of scans and fixes and I got down to one last file that MBAM removed; that computer would not boot into safe or normal mode after that until I ran a repair disk. I threw in the towel and did a clean install.
urbane.tiger
Chewy, No doubt at all that I'll be reformatting C, C♯ or B♭ sometime over the next 24 hours.

My Recovery Disk is 6+ weeks old. Being a developer I have a volatile system, so disaster recovery for me isn't a matter of putting in the Recovery disk, pressing the button and logging onto BigBrother or YouTube.

I am quite happy to hold off doing the rebuild until tomorrow so that "the experts" can ask me to look at things so that they may avoid creating an ugly mess such as this in the future.

Contrary to popular opinion I'm not the most important person on the planet and life as we know it will not come to an end if my computer ain't fixed today. It'll still be broken tomorra, so there's no compelling reason to fix it today, it's not going to fix itself and thus deprive me of the pleasure of fixing it tomorra.

Anyway it's not completely broken, works Ok in Safe mode.

Have a nice day and thanks for the feedback.
