Re: Since January 18th, no high-priority updates...

The crap NIS 2006 left behind /is/ the problem. Doesn't matter if you don't want to install it again.

After running SymNRT and SymCLN:

1. Reinstall 5.6 Scripting Engine
http://msdn.microsoft.com/library/default.asp?url=/downloads/list/webdev.asp

2. See http://castlecops.com/t106642-How_To_Fix_Windows_Update_BITS_Newly_Edited.html

What do you mean about the warranty?

Just what I said after that: You may in fact have a lemon on your hands (a faulty hard-drive), given all of your symptoms.
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org

E. T. wrote:
Since I do not intend to install NIS 2006 again, I thought it does not
matter if I will not run SymNRT, but I may as well do it now.
I checked about what you say (time of the Automatic Updates) and changed
it into a time that I arranged my p/c was open and I was following if any
updates would arrive. Nothing happenned.
After the antivirus scans I did as above, I installed, updated and ran
cwshredder and found nothing.
Installed, updated and ran Ad-aware free version and found 13 tracking
cookies and a Microgaming problem in the registry (dialer?). I had
Ad-aware disinfect them all.
I installed, updated and ran Spybot Search and destroy and found 23
cookies which it fixed.
After all that, I ran my newly obtained Netscape 8 full antispywear scan
and found one Trojan Downloader.Java.Ope which it erased.
I'll do and all the rest I have of instructions about spyware.
What do you mean about the warranty?

"PA Bear" wrote:
> > > In the first 10 days I had NIS 2006 of the new p/c stopping ALL
> > > programs of it from functionning through successive security alerts.
> > > I uninstalled NIS 2006...
>
> There's more to do to get rid of everything NIS 2006-related than just
> uninstalling it. At the very least, I would run SymNRT
> (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039)
> and SymCLN
> (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039).
>
> Symantec NAV, NIS, NSW Removal
> http://basconotw.mvps.org/SymRem.htm
>
> > Thursday, 2 February 2006 Windows Update Agent Unable to Connect:
> > Windows is unable to connect to the automatic updates service and
> > therefore cannot download and install updates according to the set
> > schedule.
>
> At what time do you have Automatic Updates scheduled to check for
> updates, ET? Is the machine running and connected to the internet at
> this time?
>
> How to configure and use Automatic Updates in Windows XP:
> http://support.microsoft.com/?kbid=306525
>
> How to schedule automatic updates in WinXP, Win2K and Win2K03
> http://support.microsoft.com/?kbid=327838
>
> Given your other symptoms, I'd most definitely run a thorough check for
> hijackware. See my previous reply.
>
> Oh, and keep your warranty handy. You just might have a lemon on your
> hands.
> --
> E. T. wrote:
> > I found this extract in my p/c's error log:
> >
> > Thursday, 2 February 2006 Windows Update Agent Unable to Connect:
> > Windows is unable to connect to the automatic updates service and
> > therefore cannot download and install updates according to the set
> > schedule. Windows will continue to try to establish a connection.
> > Friday, 10 February 2006 Windows Update Agent Unable to Connect:
> > Windows is unable to connect to the automatic updates service and
> > therefore cannot download and install updates according to the set
> > schedule. Windows will continue to try to establish a connection.
> >
> > As per the yellow instructions:
> > I achieved to finish Panda scan with IE, it found just 45 cookies
> > (spywear) which I erased manually, scanned again and was found clean.
> > When I tried to do Kapersky scan my Windows denied access to their
> > active x control, cause they were "unknown" to them. Did not insist.
> > I tried Symantec's scan but could only finish security check (I
> > downloaded Netscape 8 for this) and was found safe.
> > With IE it's impossible to achieve any Symantec's scan, it downloads
> > for ever the program and viruses definitions, or starts scanning and
> > stops for ever somewhere in the beginning of it.
> > This was routine with my previous p/c also.
> > Symantec does not support virus check with Firefox (which is a bit
> > safer browser than IE), and Netscape is compatible only with their
> > security scan. I tried a million times to scan with Trend Micro,
> > through IE and Firefox, I had this error log:
> >
> > Sunday, 12 February 2006 Applicatio n Error Faulting application
> > firefox.exe, version 1.8.20060.11112, faulting module firefox.exe,
> > version
> > 1.8.20060.11112, fault address 0x002af689.
> > Sunday, 12 February 2006 Applicatio n Error Faulting application
> > getmac.exe, version 0.0.0.0, faulting module getmac.exe, version
> > 0.0.0.0, fault address 0x00001aad.
> > Sunday, 12 February 2006 DrWatson The application, C:\Documents and
> > Settings\expert\.housecall\get Mac.exe, generated an application
> > error The error occurred on 02/12/2006 @ 10:06:59.765 The exception
> > generated was c0000005 at address 00401AAD (getMac)
> > Sunday, 12 February 2006 Applicatio n Error Faulting application
> > getmac.exe, version 0.0.0.0, faulting module getmac.exe, version
> > 0.0.0.0, fault address 0x00001aad.
> > Sunday, 12 February 2006 Applicatio n Error Fault bucket 266101529.
> > Sunday, 12 February 2006 DrWatson The application, C:\Documents and
> > Settings\expert\.housecall\get Mac.exe, generated an application
> > error The error occurred on 02/12/2006 @ 10:11:49.421 The exception
> > generated was c0000005 at address 00401AAD (getMac)
> > Sunday, 12 February 2006 Applicatio n Error Faulting application
> > getmac.exe, version 0.0.0.0, faulting module getmac.exe, version
> > 0.0.0.0, fault address 0x00001aad.
> > Sunday, 12 February 2006 Applicatio n Error Fault bucket 266101529.
> > Sunday, 12 February 2006 DrWatson The application, C:\Documents and
> > Settings\expert\.housecall\get Mac.exe, generated an application
> > error The error occurred on 02/12/2006 @ 10:24:15.281 The exception
> > generated was c0000005 at address 00401AAD (getMac)
> > Sunday, 12 February 2006 Applicatio n Error Faulting application
> > getmac.exe, version 0.0.0.0, faulting module getmac.exe, version
> > 0.0.0.0, fault address 0x00001aad.
> > Sunday, 12 February 2006 Applicatio n Error Fault bucket 266101529.
> > Sunday, 12 February 2006 DrWatson The application, C:\Documents and
> > Settings\expert\.housecall\get Mac.exe, generated an application
> > error The error occurred on 02/12/2006 @ 10:38:43.953 The exception
> > generated was c0000005 at address 00401AAD (getMac)
> > Sunday, 12 February 2006 Applicatio n Error Faulting application
> > getmac.exe, version 0.0.0.0, faulting module getmac.exe, version
> > 0.0.0.0, fault address 0x00001aad.
> > Sunday, 12 February 2006 DrWatson The application, C:\Documents and
> > Settings\expert\.housecall\get Mac.exe, generated an application
> > error The error occurred on 02/12/2006 @ 20:23:45.140 The exception
> > generated was c0000005 at address 00401AAD (getMac)
> >
> > ...and a serious error report of Windows:
> >
> > Sunday, 12 February 2006 System Error Error code 100000d1, parameter1
> > 00000018, parameter2 00000002, parameter3 00000000, parameter4
> > f7d08393.
> >
> > A short blackout and the announcement "Windows just recovered from a
> > serious system error..., please inform Microsoft about this..."
> > which I did and saw a screen saying "unfortunately we do not know
> > the reason of this problem, we investigate..., please contact your
> > p/c's vendor etc... etc."
> > A similar event happenned when I had the NIS 2006 successive security
> > alerts problem (EACH AND EVERY program of my system was stopped by
> > them, dial-up, IE, LiveUpdate, NIS full scan, could not do anything
> > practically than restore, was happy to discover at least this as
> > didn't know it existed). Now my p/c works again as if anything
> > happenned.
> > The situation that led to my previous p/c's crash and is continuing
> > with the new one is: someone puts trojans in my system and then
> > doesn't let me to scan for to detect or remove them, prevents me
> > from doing anything useful (to work for money, to visit places that I
> > could inform about it or find solutions), corrupts my system's parts
> > as cd-rom driver, printer and fdd (the ones of previous system were
> > totally out of order a year before the crash), so that I could not
> > install any security systems from a cd-rom, or save logs for to send
> > them somewhere from
> > outside, etc etc.
> > If I try to scan or erase their trojans as on January with the first
> > event, or now, they show up their strength with a temporarily black
> > out, so that I'll be afraid they'll ruin the new p/c too if I try to
> > erase their malicious programs.
> > I'm not rich, the second p/c I owe it and will take a couple of years
> > for to pay it off.
> > Now I managed to finish Trend Micro scan with Netscape, All time step
> > 3 (listing and removing...) was accomplishing, my p/c was passing
> > monentarily to dos mode (black screen and a white cursor top left) and
> > when it finished my connection was dropped and I reconnected. I was
> > found clean but, under those circumstances no scan is trustworthy, I
> > believe.
> > I forgot to say I have no access to my safe mode through pressing F8
> > when I start or restart (for to scan and correct anything possible
> > from there). My p/c enters automatically to Windows no matter if I
> > try 1000000 times to access safe mode.
> > Is there any way to access safe mode from dos?
> > And a way to enter dos?
> >
> > "E. T." wrote:
> > > I had my previous p/c crashed because of hacking (7 years of BIG
> > > problems) and I bought a new one a month ago.
> > > In the first 10 days I had NIS 2006 of the new p/c stopping ALL
> > > programs of it from functionning through successive security alerts.
> > > I uninstalled NIS 2006, restored Windows to their activation date,
> > > installed NOD32 and updated it
> > > fully.
> > > Though now it seems averything functions alright (for instance,
> > > malicious softwear removal tool of Windows finds nothing suspicious
> > > in my system),
> > > the Windows clock changes very often (every one or two days) it
> > > shows either one or seven hours earlier or later than the actual
> > > time. Or half an hour, it is never the same.
> > > Today I tried to download a 30 days trial translation-memory program
> > > that made VERY much time to complete and then when I tried to ask
> > > for a validation code from the company, I saw a mail delivery
> > > failure in my inbox, proving that I sent
> > > to their server a mail to an uhknown receiver that failed to be
> > > delivered.
> > > I did not send anything, of course.
> > > I will visit the page you say, but this is a war I've fought for too
> > > long and I'm not very optimistic about the end.
> > >
> > > "Jupiter Jones [MVP]" wrote:
> > > > Your clock changing is often the result of a low BIOS battery.
> > > > It is usually a CR2032, relatively easy and quick to replace on
> > > > desktop computers.
> > > > Exactly what happens with the clock?
> > > >
> > > > Follow the yellow section on this page to help be sure there are
> > > > no viruses, spyware or other malware involved:
> > > > http://www3.telus.net/dandemar/slowcom.htm
> > > > --
> > > > "E. T." <ET@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> > > > news:52FE93B0-1EAA-476B-A86D-FF14F858E994@xxxxxxxxxxxxxxxx
> > > > > Yes, I have 905915.
> > > > > But since Microsoft says to visit at least once a week its
> > > > > update page and because I have other problems in my p/c (my
> > > > > clock changes very often and I must correct it, for instance
> > > > > and I'm afraid about some trojan, also), I worried about this,
> > > > > too.
> > > > >
> > > > > Thank you

.

Loading