Re: IE non connect problem

From: Bob (news_at_direcway.com)
Date: 12/01/04

• Next message: PA Bear: "Re: networking with XP"
• Previous message: Garry Turnquist: "Re: Applet started - then i lose my internet connection"
• In reply to: Jan Il: "Re: IE non connect problem"
• Next in thread: Bob: "Re: IE non connect problem"
• Messages sorted by: [ date ] [ thread ]

Date: Wed, 1 Dec 2004 11:05:14 -0800

Jan,

To fully illustrate the problem, I have four programs besides ie, that
normally connect to the internet and appear to use their own screen. As far
as I can ascertain they do not use IE. Outlet express checks the mail, AVG
updates itself, mailwasherpro advance checks the mail, spybot checks for
updates. None of these will now connect to the internet.
I looked up the registry file its winde.dll. I will proceed with your
instructions carefully and get back to you.
Thanks
Bob
"Jan Il" <abuse@localhost.com> wrote in message
news:OiFF2K91EHA.3708@TK2MSFTNGP14.phx.gbl...
> Hi Bob :-)
>
>> Jan,
>> No luck.Worked each and every one. Mainly I was encourged by the winsock
>> fix. It didn't work either. The dial up connection works to the IP, but
>> nothing seems to be connecting thereafter. Outlet express, that usually
>> conects, does not. The AVG virus program does not. Spybot does not. I
> don't
>> think any of these would be effected by the highjacker. IE comes up,
>> along
>> with the connection screen, with the correct start page. Once you click
>> "connect" the start page changes to the highjacker web address. Normally
> the
>> highjacker would activate IE and take you to that webb address. Note that
>> even the Highjacker does not connect! (I tried the Highjacker on my other
>> computer and it loads (opens) the web page.)
>>
>> I tried to download IE 6 but all I could retrieve was the "setup files".
> Is
>> there a way to get IE 6 operating files downloaded. I can burn them to a
>> disc and copy them to the troubled computer. But the question remains,
> will
>> that help.
>>
>> Could there be a "service" disabled (admin tools) that could be causing
> the
>> problem?
>>
>> I'm at home on my house computer....the reason for the FM rather than Bob
>
> Yes, you can burn all the files to the hard drive of another PC and then
> burn them to a CD, load them to your computer and then install them from
> there. However, I'm not sure I understand the questions regarding IE.
> You
> should be able to repair your IE from the computer, the files should be on
> the hard drive, or on the Original Windows install CD. Give me a bit more
> information on what you want to do in this regard and I'll try to be more
> specific for you. Also, be aware that with XP the IE is a core part of
> the
> XP system, and can not be uninstalled, but it can be repaired. However,
> this will not help until the hijacker is totally removed.
>
> In that regard, the hijacker is obviously a nastier variant, thus, I am
> providing a more aggressive cleaner for you to run, which should help
> remove
> the hijacker from your system. Once that is done, we can do the necessary
> to get up hooked back up. But, we need to get rid of the scumware first.
> Some variants can replicate themselves repeatedly, and some even morph, if
> not fully removed properly.
>
> Follow the instructions below very carefully:
>
> Courtesy of Jim Byrd -
>
> Like any disinfection procedure, it's a bit risky - it deletes an
> important
> registry key and subsequently restores a revised version. If something
> goes
> wrong, your PC may no longer work normally.
>
> YOU USE THIS PROCEDURE AT YOUR OWN RISK!
>
> Download Registrar Lite 2.0, install it and run it.
> http://www.majorgeeks.com/download469.html
> http://www.softpedia.com/public/cat/12/5/12-5-21.shtml
>
> Navigate to this key:
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
> (note...should be all on one line)
> and look at the AppInit_Dlls value.
>
> Write down the name of the DLL file that's displayed!
>
> (If you see several values separated by commas or spaces, which is
> unlikely,
> use Windows Explorer to search for each one in the Windows\System32 or
> Winnt\System32 directory. The one you can't find is the one to remember!)
>
> Exit Registrar Lite.
>
> Download and run this script. It will delete the CWS AppInit_Dlls value
> and
> reboot Windows. After the reboot, the shield-DLL file is still on the hard
> disk, but it's no longer a threat to your PC.
> http://www.silentrunners.org/CWS%20Shield%20Dropper.vbs
>
> Download Silent Runners here:
> http://www.silentrunners.org/Silent%20Runners.vbs
> Run it and look at the list of Browser Helper Objects. One of them will
> have
> a strange name. Write down the the file name (including the full path)!
>
> (If you're not sure which BHO was installed by CWS, reboot into Safe Mode
> and follow steps 8-10 here. Commercial programs, such as PestPatrol, are
> also available to identify and delete BHO pests.)
>
> Download and run this script to delete the CWS shield-DLL and the BHO
> files.
> No reboot will be required.
> http://www.silentrunners.org/CWS%20File%20Cleaner.vbs
>
> Reset your Internet Explorer home page. Your PC should now run normally.
>
>
> If these steps do not resolve your problem, please post back to this
> thread
> with the details and any error messages.
>
> Hope this helps
>
> Jan :)
> Smiles are meant to be shared,
> that's why they're so contagious.
>
> Please reply to the newsgroup so others may benefit.
> Replies are posted only to the newsgroup for the benefit or other readers.
>
> How to make a good newsgroup post:
> http://www.dts-l.org/goodpost.htm
>
>
>
>
>
>
>>
>>
>>
>> "Jan Il" <abuse@localhost.com> wrote in message
>> news:e$wVWGy1EHA.2624@TK2MSFTNGP11.phx.gbl...
>> > HI Bob :-)
>> >
>> > You may have a hijacker, malware, spyware or parasites on your system
>> > causing this problem. Thus, in addition to running your updated
>> anti-virus
>> > program, you should do the following to be sure none of these are
> present
>> on
>> > your system. Although you may have already run one or more of the
>> programs,
>> > please do so again according to the instructions below. Some variants
> of
>> > malware can replicate themselves over and over if not removed properly.
>> > Please follow all instructions carefully to be sure your system is
>> > thoroughly cleaned:
>> >
>> > Dealing with Unwanted Spyware and Parasites:
>> > http://mvps.org/winhelp2002/unwanted.htm
>> > Be sure to run CWShredder, Ad-aware and Spybot.
>> > If these steps do not resolve your problem, please post back to this
>> thread
>> > with the details and any error messages.
>> > (or Spybot - Search and Destroy DSO Exploit Fix 1.3.1 TX)
>> > http://www.majorgeeks.com/download4392.html
>> > Also be sure to use the HijackThis. Please do not post your log to
>> > this
>> > newsgroup, but to the HiJackThis Support Forum
>> > http://www.hijackthis.de/forum/forumdisplay.php?f=10&guestlanguageid=4
>> > or the Aumha HiJackThis forums
>> > http://forum.aumha.org/viewforum.php?f=30
>> > to allow the experts there to evaluate your log and advise you of the
>> > necessary steps to clean your system.
>> >
>> > Also this program searches for hidden .dlls that recreate the malware.
>> > About Buster:
>> > http://www.majorgeeks.com/download4289.html
>> >
>> > CAUTION!!!!! Before you try to remove spyware using any of the
>> > programs
>> > below, download a copy of LSPFIX from any of the following sites:
>> > http://www.cexx.org/lspfix.htm
>> > http://www.spychecker.com/program/winsockxpfix.html
>> > (if your OS is Win2k or XP) The process of removing certain malware may
>> kill
>> > your internet connection. If this should occur, this program, LSPFIX,
> will
>> > enable you to regain your connection.
>> >
>> > Also, get a copy of WINSOCKXPFIX available at:
>> > http://www.spychecker.com/program/winsockxpfix.html
>> > and
>> > WinsockXP Fix- WinXP
>> > http://www.spychecker.com/program/winsockxpfix.html
>> > Also, with instructions, at
>> > http://www.iup.edu/house/resnet/winfix.shtm
>> > also
>> > From LavaSoft- all versions of Windows-
>> > http://digital-solutions.co.uk/lavasoft/whndnfix.zip
>> > also ....
>> > (NOTE: It is reported that in XP SP2, the command netsh winsock reset
>> > will fix this problem without the need for these programs.)
>> >
>> > or ........
>> >
>> > Winsock Fix Utility
>> > http://www.dfwonline.net/files/WinsockFix.zip
>> >
>> > Also.........
>> >
>> > Courtesy of Jim Byrd -
>> >
>> > Download Sysclean.com, from Trend Micro, here:
>> > http://www.trendmicro.com/download/dcs.asp along with the latest
>> > pattern
>> > file, here:
>> > http://www.trendmicro.com/download/pattern.asp
>> > Be sure to read the "How-to" info here:
>> > http://www.trendmicro.com/ftp/products/tsc/readme.txt
>> > You might also want to get Art's updater, SYS-UP.Zip, here for future
>> > updating of these: http://home.epix.net/~artnpeg/.
>> > (If you download and use the updater from the beginning, it will
>> > automatically handle downloading the other files. Place them in a
>> dedicated
>> > folder after appropriate unzipping, and then run. This scan may take a
>> long
>> > time, as Sysclean is VERY extensive and thorough
>> >
>> > and......
>> >
>> > NOTE: If you can not download these programs from the Internet, if your
> PC
>> > has CD read capabilities, go to another computer with CD-ROM burning
>> > capabilities. Create a folder on the hard drive of the other computer
>> called
>> > HOLD, download the programs to that folder, then burn that folder to a
> CD.
>> > Copy the HOLD folder to your HD and then install the programs from
> there
>> > and run them. After you have IE access again, update all programs where
>> > possible to get the latest definitions and run them again in Safe Mode
> to
>> be
>> > sure there are no lingering items on the system.
>> >
>> > also...........
>> >
>> > Additional information on how to protect your PC:
>> > The Parasite Fight http://www.aumha.org/a/quickfix.htm
>> > More security tips at http://www.aumha.org/a/parasite.htm
>> > Bugs, Glitches & Stuffups: http://www.mvps.org/inetexplorer/Darnit.htm
>> >
>> > If these steps do not resolve your problem, please post back to this
>> thread
>> > with the details and any error messages.
>> >
>> > Hope this helps
>> >
>> > Jan :)
>> > Smiles are meant to be shared,
>> > that's why they're so contagious.
>> >
>> > Please reply to the newsgroup so others may benefit.
>> > Replies are posted only to the newsgroup for the benefit or other
> readers.
>> >
>> > How to make a good newsgroup post:
>> > http://www.dts-l.org/goodpost.htm
>> >
>> >
>> >
>> > " <news@direcway.com> wrote in message
>> > news:eqcx6nx1EHA.2572@tk2msftngp13.phx.gbl...
>> > > I have a connection problem with IE. The computer has windows2000 OS
> and
>> > was
>> > > full of Viruses. I got rid of all but one which appears to be a
>> hijacker.
>> > > When I click on IE my dial up connection comes up, with IE in the
>> > background
>> > > containing the correct home page. As soon as the dial up makes a
>> > connection
>> > > the home page changes to http://a-search.biz/?wind=1010. ( If any one
>> > > recognizes the HiHacker by this signature please let me know.) I get
>> > > a
>> > "the
>> > > page cannot be displayed" at the top and a "cannot find server or DNS
>> > error
>> > > Internet Explorer". If I manually change the address to my home page
>> > > I
>> get
>> > > the same errors. If I click on "Detect Network Settings" I get an
>> > additional
>> > > message in the lower task bar (rather than just Done)
>> > > "javascript:doNotDetect()"?
>> > >
>> > > The unit had AOL on it so I uninstalled it in case that was causing a
>> > > conflict. I have downloaded all the virus programs (Sysclean,
>> > > Adaware,
>> > > Hijack this, cwshredder, AVG, Sypbot, spyblaster) and have not been
> able
>> > to
>> > > identify the hijack culprit. I have examined the registry and the
>> > > host
>> > files
>> > > as well. I need to connect to the Internet to do some updates of the
>> > various
>> > > programs and do some scans from external sources.
>> > >
>> > > If any one recognizes the HiHacker by the above signature please let
> me
>> > > know.
>> > >
>> > > Thanks for any suggestions
>> > >
>> > > Bob
>> > >
>> > >
>> >
>> >
>>
>>
>
>

• Next message: PA Bear: "Re: networking with XP"
• Previous message: Garry Turnquist: "Re: Applet started - then i lose my internet connection"
• In reply to: Jan Il: "Re: IE non connect problem"
• Next in thread: Bob: "Re: IE non connect problem"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint