• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Spyware has trashed IE. Reinstalling doesn't fix it. This is when tech support needs tech support!

V

VictorLazlo

Senior member
I am having trouble with a Win2k machine on our local network. The machine had a fair amount of spyware, which I removed with Adaware, Spybot, and Trendmicro Housecall. The main problem was ADW_RULEDOR.C (Backdoor.ruledor.c) which I painstakingly removed from the registry according to Trendmicro's instructions.

Now IE doesn't work. Any site I try to go to yields: "Internet explorer cannot open the search page" and drops me off at the usual "this page cannot be displayed" message.

I am not using ICS or AOL.

The internet connection works perfectly. Ping and IM work fine. I can browse the web by using Outlook or even "My Computer" as a makeshift web browser! The problem is JUST with IE.

I have already been to:
http://mvps.org/winhelp2002/unwanted.htm
and
http://www.mvps.org/inetexplorer/answers.htm#dns
and I don't have Qhosts.

I have cleared out the hosts file.
I have deleted all temp files, cookies, objects, folders, and offline content.
I have reset all web settings.
I have repaired IE6.
I have uninstalled and reinstalled IE6. (Using 5 doesn't work either)
I have even installed SP4, and every available patch (using outlook as a web browser).

I don't have a proxy server and my browser does not use dial-up networking. DHCP and default settings work for every other PC in the office. I think that spyware has tainted my registry in a way that reinstalling IE just doesn't fix. Can anyone suggest some registry keys to check, or hidden KB articles to read before I format the harddrive? I can't be formatting harddrives every time a user gets some spyware!!
 
The internet connection works perfectly. Ping and IM work fine. I can browse the web by using Outlook or even "My Computer" as a makeshift web browser! The problem is JUST with IE.
Click to expand...

Using "My Computer" as a web browser *is* using IE, just not through the same interface. Something is seriously torqued up with your Windows installation and/or registry, but finding out what is just about impossible. Did you try a repair install on Win2K? That should (hopefully) bring you back to a functioning state without wiping out the config and data. I think you tried just about everything anyone here will tell you to do already.

And, jeez, run Spybot (with its Immunize feature) on all their systems, and get some AV on there too. Have Ad-Aware run on boot to keep them clean. Best defense is a good offense -- once the real nasty stuff (trojans, backdoors, etc.) gets into the system, you're hosed.
 
You said you DID install IE 6 w/ SP1 and it didn't fix it?

(Just to clarify.)

Wow, if that doesn't do it, I don't know what will. In addition to everything else you've tried.





KeyserSoze
 
Try this:
Backup and then delete
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
 
Originally posted by: Matthias99
The internet connection works perfectly. Ping and IM work fine. I can browse the web by using Outlook or even "My Computer" as a makeshift web browser! The problem is JUST with IE.
Click to expand...

Using "My Computer" as a web browser *is* using IE, just not through the same interface. Something is seriously torqued up with your Windows installation and/or registry, but finding out what is just about impossible. Did you try a repair install on Win2K? That should (hopefully) bring you back to a functioning state without wiping out the config and data. I think you tried just about everything anyone here will tell you to do already.

And, jeez, run Spybot (with its Immunize feature) on all their systems, and get some AV on there too. Have Ad-Aware run on boot to keep them clean. Best defense is a good offense -- once the real nasty stuff (trojans, backdoors, etc.) gets into the system, you're hosed.
Click to expand...

I figured that installing SP4 was effectively the same thing as doing a repair install of win2k, but if I'm wrong, I'm willing to try it.

This episode will help me make a good case to my boss that we need a client/server antivirus solution protecting the desktops. We just dropped a fat wad of cash on antivirus for the exchange server, and I've been reluctant to pressure them for more money.
 
Just had the exact same problem yesterday. thread

The problem is one of the pieces of spyware that Spybot removed. I suggest going back to Spybot and telling it to Undo the last changes it made. It fixed mine.

Then I was able to research and pinpoint what the problem was. ShopAtHome spyware was removed... but it uses the Winsock2 LSP and if removed manually (like with Spybot) and not entirely/properly, it will kill your internet connection.

You might have one of those similiar spywares using the Winsock2 LSP. I would use Spybot to undo changes, then delete the spyware one at a time, checking your IE connection after each spyware problem is deleted to make sure you find the right one. Then google that piece of spyware for removal instructions.

There is a LSP fix tool that can repair your LSP after a spyware program has hijacked it and then been deleted. Find info here.

deadseasquirrel

edit: just found this post here with good info on how to stop this from happening again.
 
Right on, deadseasquirrel. ShopatHome was one of the spyware programs I removed. I will try the LSP fix and/or restoring programs one by one this afternoon.

Thanks, and I'll keep you posted!
 
Originally posted by: alm4rr
you can always go on over to Mozilla
Click to expand...

yep, in fact, installing and seeing that firebird worked was what made me realize that it was for sure not my connection settings or router or anything else, but IE itself.

however, in just the few minutes my wife used it, she found several pages that didn't work with firebird. and of course, windowsupdate didn't work. but i did like a lot of the functionality of FB and think that it will be a perfect replacement to IE eventually.

and i was still extremely interested in finding out WHY my IE had died, so i did more research and was able to fix it and (hopefully) prevent it from happening again. if i hadn't tried FB, i would have probably kept barking up wrong trees.

 
Bump.

Just had this happen to me. I run SpyBot all the time and this is the first time anything like this happened. Guess I'll go read that LSP thing.

THanks!!
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top