#1
|
|||
|
|||
Internet Explorer 7 Strange Behaviour
Hi everybody and welcome back from holidays
Today i have a problem with Internet Explorer 7(please don't tell me to drop it and go Firefox). A best friend of mine installed it(actually a slightly modded version done by his ISP with IEAK) and everytime he starts it, he keeps getting this page (http://go.microsoft.com/fwlink/?LinkId=74005) that leads to the internet explorer first time configuration (Search Provider/Clear Type/Language/Anonymous Statistics). He then saves them and when he closes the browser and starts it back again, he keeps always getting that page, no matter what the home page is. No javascript errors at all, everything seems ok, but seems like IE is not able to save the settings and just keeps asking user input everytime. I did a rapid google search but no lunk, the search seems to point nowhere, noone else had this problem (strange?). Before attaching a debugger and trying to figure out what the problem is, I wanted to share this problem with you, maybe we can come up with a solution. Thanks to everybody |
#2
|
|||
|
|||
Has he updated IE7? The current version on WindowsXP is 7.0.5703.11.
My version is not modded and I've had absolutely no problem with it. I saw someone reported the identical problem here, but no reply with a solution: http://www.ureader.com/message/4056493.aspx and here: http://help.lockergnome.com/windows2/Issues-IEAK-ftopict483369.html But see this page: http://www.chcs.com/knowledgebase/article.cfm?aId=143 Here's something showing where M$ keeps the links for this process: http://boards.cexx.org/index.php?topic=16501.msg67883 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 This particular report was about a Firewall problem and fixed with Hijack This. CHECK THIS ONE FIRST! Here's an apparent solution from the Systernals Forum: http://forum.sysinternals.com/forum_posts.asp?TID=8576&PN=1 The search criteria I used was: fwlink/?LinkId=74005 Regards,
__________________
JMI |
#3
|
|||
|
|||
First time configuration should be done completely then everything will be OK.
|
#4
|
||||
|
||||
try this
dear freind :
First step for this time is to download this program Hijackv1.99.1 form this site : http://www.thespykiller.co.uk/files/HJTsetup.exe Now : -Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad. -copy the entire contents of the log. then replay the log in your next reply. the second is i will send the solution to u and i think i have the solution but i must be sure from somethings... |
#5
|
||||
|
||||
Ok this is the solution
Please read this post completely
Please download SmitfraudFix (by S!Ri) Extract the content (a folder named SmitfraudFix) to your Desktop ths link is : http://siri.urz.free.fr/Fix/SmitfraudFix.zip Boot into Safe Mode ........Open the SmitfraudFix folder on your desktop and double-click smitfraudfix.cmd Select option #2 - Clean by typing 2 and press "Enter" to delete infected files. You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection. The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter". The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows. A text file will appear onscreen, with results from the cleaning process; please save the content of this report on your desktop. The report can also be found at the root of the system drive, usually at C:\rapport.txt Please download ATF Cleaner by Atribune. http://www.atribune.org/ccount/click.php?id=1 This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. _____________________________________ If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. _______________________________________ Download the trial version of Ewido Security Suite Here. http://www.ewido.net/en/download/ Install ewido. During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu". Launch ewido It will prompt you to update click the OK button and it will go to the main screen On the left side of the main screen click update Click on Start and let it update. DO NOT run a scan yet. You will do that later in safe mode. Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode. Boot into Safe Mode: Scan with Ewido as follows: 1. Click on "Scanner" and choose "Settings". 2. Under the bottom section "What to Scan?" make sure "Scan every file" is selected. 3. Select "OK" and you will return to scanning options. 4. On the main screen click on "Complete System Scan" to start the scan. 5. While the scan is in progress, you will be prompted to clean the first infected file if finds. Put a check next to "Perform action on all infections" in the lower left corner. 6. Then choose "Clean" and click "OK". 7. When the scan has completed, Ewido will create a report.txt file. 8. Click the "Save Report" button on the bottom of the screen and save the log to your desktop in case you need it later. 9. Exit Ewido when done. Note: DO NOT USE the computer while Ewido is scanning. If Explorer or the Control Panel are opened some malware types will reinfect your system or will not be cleaned properly. Note: If Ewido "crashes" or "hangs" during the scan, try scanning again by doing this: 1. Scan one sector of the system at a time by using the "Custom Scan" feature. To do this select Scanner > Custom Scan and click on Add drive/directory/file. Browse to C:\Windows > System, add this folder to the list and click on "Start Scan". When the scan is complete, repeat the Custom Scan but this time, browse to and add the System32 folder. Then keep repeating this procedure until all your folders have been scanned. Make sure you include the Documents & Settings folder. 2. If this still does not help, then turn the ADS scanner off while making a Custom Scan. To do this select Scanner > Scan Settings and untick "Scan in NTFS Alternate Data Streams". Then repeat the steps above for performing a Custom Scan. Restart back into Windows normally now. ______________________________________ Please go HERE to run Panda's ActiveScan http://www.pandasecurity.com/homeusers/solutions/activescan/? Once you are on the Panda site click the Scan your PC button A new window will open...click the Check Now button Enter your Country Enter your State/Province Enter your e-mail address and click send Select either Home User or Company Click the big Scan Now button If it wants to install an ActiveX component allow it It will start downloading the files it requires for the scan (Note: It may take a couple of minutes) When download is complete, click on My Computer to start the scan When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post a fresh Hijackthis log along with the Ewido and ActiveScan reports. Also the C:\rapport.txt |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Clearing *.CHM cache without Internet Explorer | Kerlingen | General Discussion | 3 | 09-25-2021 17:01 |
Photospark uncomprehensible behaviour | TmC | General Discussion | 3 | 08-12-2007 06:16 |
Strange Behaviour in DeArmadilled File | TmC | General Discussion | 3 | 02-23-2007 00:40 |
Funny program behaviour | TmC | General Discussion | 0 | 08-30-2006 22:50 |
How to get data sent by Internet Explorer? | sirrysh | General Discussion | 2 | 07-17-2002 12:47 |