I had posted a message in a Security branch of TechNet's newsgroup but have had 0 response so I thought I'd try here!
I recently found identical symptoms on two PCs. One is a home PC that sits behind an out-of-the-box router (the firmware was upgraded) and has Norton Internet Security for firewall and virus protection (lots of spyware on this PC!). The other is on an employee's PC that has Symantec Corporate Antivirus and our corporate firewall(s) and policies protecting it (no spyware found on this PC). Both had Virus definitions and Windows security updates all up-to-date. Both machines are Windows 2000 PCs with IE6 and MSN installed. No malicious symptoms (open ports, unknown processes or services running, obvious registry changes) were noted on either PC.
The weird symptoms are:
1) The "Delete Cookies" button on the General tab in the Internet Options tool is missing
2) There is a blank "Miscellaneous" entry in the Security Settings screen you get when editing the Custom Level settings for the Internet zone on the Security tab in the Internet Options tool. This blank entry has two radio buttons checked on (prompt and disable). (There are other blank entries in other settings pages found but this is the first I noticed.)
3) The Help -> About Internet Explorer page shows the IE5.5 logo and yet shows the version to be 6.0
Both PCs were being looked at for different issues. The home PC had spoolsvc continuously shut down when restarted. The employee's PC entered into a continuous reboot cycle after a reboot (rebooting itself shortly before reaching the Login screen--the reboot issue was resolved with a W2K OS repair).
Suspecting a W2K SP4/IE6/April 13 updates problem, we rolled back the Apr 13 Security updates on the work machine but the problem persisted. An IE6 repair failed (not sure what err msgs) and IE6 uninstall/reinstall cleared the above symptoms but netted Windows startup err msgs like: "winlogon.exe - Entry Point Not Found : The procedure entry point SaferSetLevelInformation could not be located in the dynamic link library ADVAPI32.dll." (And the same msg with shmgrate.exe, Synchronization Manager:mobsync.exe, Symantec AntiVirus Corporate Edition:vptray.exe, and WMS Spooler:MAPISP32.exe entry points not found in ADVAPI32.dll.)
Any insight anyone could offer would be greatly appreciated!
PA Bear - 30 Apr 2004 20:50 GMT
1. Check your system for "hijackware":
Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://mvps.org/winhelp2002/unwanted.htm
http://www.mvps.org/inetexplorer/Darnit.htm
CoolWebSearch Chronicles
http://www.merijn.org/cwschronicles.html
Run these tools in the following order with nothing else running in
background:
1. CWShredder (fix all found)
2. Ad-Aware (fix all found)
3. Spybot (RTFM but generally fix everything in red)
Important: You *must* seek updates for Ad-Aware, Spybot, etc., before each
and every use, even "right out of the box". But even they can't catch
everything, 24/7. When all else fails, HijackThis
(http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the preferred
tool to use. It will help you to both identify and remove any
hijackware/spyware. **Post your files to http://forums.spywareinfo.com/ or
http://forum.mvps.org/viewforum.php?f=30 for expert analysis, not here.**
[Alternate download pages for many of the above tools may be found at
http://aumha.org/a/parasite.htm.]
Also update your virus definitions and then run a full system scan. From
now on, do both daily.
So How Did I Get Infected Anyway?
http://boards.cexx.org/viewtopic.php?t=957
2. IE6-specific newsgroup:
news://msnews.microsoft.com/microsoft.public.windows.inetexplorer.ie6.browser
--
HTH - Please Reply to This Thread
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE), AH-VSOP
AumHa Forums
http://forum.mvps.org/
What You Should Know About Spyware
http://www.microsoft.com/mscorp/twc/privacy/spyware.mspx