Re: IE6 overwrites anything I try to type in to the address bar
From: GordL (GordL_at_discussions.microsoft.com)
Date: Wed, 3 Nov 2004 21:07:01 -0800
Hi Jan Il
Thanks for your response. I do apprecite it. I followed most of your links
and sadly came up empty. Unfortunatly (or fortunatly depending on your point
of view) this issue is not related to addware, spyware, virus ware nor
maleware of any other kind. I had already throughly checked. It is also not
an "auto-complete" issue that can be changed through IE6's GUI. Again I had
already throughly checked. (This is not to say that it isn't an
"auto-complete" issue that requires some sort of registry hack to fix.)
This machine operates in a highly secure environment with current (04.11.02)
antivirus software (real-time scanning plus daily full file scans) current
anti-addware (real-time scanning and daily full file scans) and is a fresh
install of WinXP with all of the updates/hot fixes installed before anything
else. High-end outbound (application) firewalling and similar inbound
firewalling is implimented. In addition a high end hardware firewall
provides perimiter security. This particular computer is a multihomed
"server" and has never connected to a client machine. (The LAN NIC has never
been physically connected to anything.) Both of it's IP addresses are
non-routable because the hardware firewall handles NAT and I would never use
anything other than non-routable addresses on the LAN side.
I think I have encountered a bug in a service pack or a recently installed
hot fix and hoped that someone else had seen exactly the same behavior and
could pin-point the cause and possibly the exact remedy. Until recently (I
don't know exactly when but probably after installing a recomended update
from Microsoft) IE6 behaved normally.
This machine, when completed, will become the server for my test network
where I experiment with various hardware and software products and
configurations before rolling them out in my mission-critical production
environments. I was probably unclear in my post that I was looking for an
exact explanation rather than the paths to possable solutions or work
arrounds. It is my intention to "image" this machine when it is fully
configured so that I always have a "known restore point" and I will need to
fully document the exact process that I followed should I (or someone else)
ever need to retrace the steps. For this reason I don't want to "thrash
around" any more than is strictly necessary.
Again, thank you for your reply. I have posted my inquiry in many places
and you are the first one to have replied.
"Jan Il" wrote:
> Hi GordL :-)
> Try the following and see if it helps:
> Disable Autocomplete
> Tools>Internet Options>Content tab>click Autocomplete
> Uncheck all the boxes for features you don't want to use
> Click Apply
> Then OK
> Unwanted Auto-Complete
> Internet Options> Advanced> uncheck Use inline autocomplete. You may have to
> delete the History folder to eliminate entries which are currently stored in
> the index.dat file.
> See: http://mvps.org/winhelp2002/delcache.htm
> Try this:
> or ........
> Courtesy of Don Varnau
> With no programs open,
> Run REGEDIT and make your way to this key:
> [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\SPW]
> Export that key (Registry> Export.) If you you wish to undo the change,
> doubleclicking on that REG file will restore the original registry key.
> Then delete the SPW key.
> Restart the computer.
> If still n joy, then.....
> in addition to running your updated anti-virus
> program, you should do the following to be sure none of these are present on
> your system. Although you may have already run one or more of the programs,
> please do so again according to the instructions below. Some variants of
> malware can replicate themselves over and over if not removed properly.
> Please follow all instructions carefully to be sure your system is
> thoroughly cleaned:
> Dealing with Unwanted Spyware and Parasites:
> Be sure to run CWShredder, Ad-aware and Spybot.
> Also be sure to use the About:Buster here
> AdAware se (Free)
> the newest version of CWShredder (2.0) here:
> and the HijackThis. Please do not post your log to this
> newsgroup, but to the SpywareInfo or the Aumha HiJackThis forums
> http://forum.aumha.org/viewforum.php?f=30, to allow the experts there to
> evaluate your log and advise you of the necessary steps to clean your
> CAUTION!!!!! Before you try to remove spyware using any of the programs
> below, download a copy of LSPFIX from any of the following sites:
> (if your OS is Win2k or XP) The process of removing certain malware may kill
> your internet connection. If this should occur, this program, LSPFIX, will
> enable you to regain your connection.
> Also, get a copy of WinsockFix Utility
> WinsockXPFix available at:
> WinsockXP Fix- WinXP
> Also, with instructions, at
> From LavaSoft- all versions of Windows-
> also ....
> (NOTE: It is reported that in XP SP2, the command netsh winsock reset
> will fix this problem without the need for these programs.)
> Courtesy of Jim Byrd -
> Download Sysclean.com, from Trend Micro, here:
> http://www.trendmicro.com/download/dcs.asp along with the latest pattern
> file, here:
> Be sure to read the "How-to" info here:
> You might also want to get Art's updater, SYS-UP.Zip, here for future
> updating of these: http://home.epix.net/~artnpeg/.
> (If you download and use the updater from the beginning, it will
> automatically handle downloading the other files. Place them in a dedicated
> folder after appropriate unzipping, and then run. This scan may take a long
> time, as Sysclean is VERY extensive and thorough
> NOTE: If you can not download these programs from the Internet, if your PC
> has CD read capabilities, go to another computer with CD-ROM burning
> capabilities. Create a folder on the hard drive of the other computer called
> HOLD, download the programs to that folder, then burn that folder to a CD.
> Copy the HOLD folder to your HD and then install the programs from there
> and run them. After you have IE access again, update all programs where
> possible to get the latest definitions and run them again in Safe Mode to be
> sure there are no lingering items on the system.
> Additional information on how to protect your PC:
> The Parasite Fight http://www.aumha.org/a/quickfix.htm
> More security tips at http://www.aumha.org/a/parasite.htm
> Bugs, Glitches & Stuffups: http://www.mvps.org/inetexplorer/Darnit.htm
> So how did I get infected in the first place?
> If these steps do not resolve your problem, please post back to this thread
> with the details and any error messages.
> Hope this helps
> Jan :)
> Smiles are meant to be shared,
> that's why they're so contagious.
> Please reply to the newsgroup so others may benefit.
> How to make a good newsgroup post:
> > When I try to type anything into the IE6 address bar it is
> > overwritten within a couple of seconds with whatever was previously
> > there. Does anyone have any ideas? All service packs are up-to-date
> > on a clean machine.