IE 6.0 (Win2K OS) Not Working after VX2 deletion

Discussion in 'privacy problems' started by Q Section, Jul 29, 2004.

Thread Status:
Not open for further replies.
  1. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Re: Why?

    Is there some reason you are trying to "fix" IE 6.0 rather than downloading a new copy from here?
    By the way....did McAfee not protect you from a virus or did you not have it installed at the time?



    Note: Posts split off from this thread in the General Topics Forum: https://www.wilderssecurity.com/showthread.php?t=43078 and into a new thread here in Privacy Problems Forum, as per IM with member, chew - snap
     
    Last edited by a moderator: Jul 31, 2004
  2. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Re: Why?

    QSection

    Btw, it's not this PC ... it's the other one with Win 2K OS.

    I did download again from Microsoft website. But it did not work. You see when I deleted the virus I deleted some of the directory path, registry whatever on my system as well. Basically, I think the virus was hooked on some of the programmes hence deleting the virus also meant deleting some programmes which I shouldn't ...

    VX2 was kind of a spyware / adware / data miningware whatever it was and was on the system because at that time I had problems with updating my Mc Afee AV. I caught the VX2 before my McAfee was fixed. After that, and with further installation of Anti-softwares, I managed to clean everything up using SpySweeper 2.6.1. but the VX2 Variant was a new one hence, it did not completely eradicate it.

    When I did a scan again using latest Ad-aware 6.0, it was detected again but then the problem started when I deleted the VX2 without noticing that it was hooked on my Registry Key. A big chunck of the Registry Key was wiped out but for whatever reason they are still there i.e. the Registry keys but not visible.

    So I guess it was the remnant of VX2 virus that reappear. Apparantly, VX2 is getting more difficult to get rid of now and I think it has overtaken CWS virus ...

    So there you go ... I am not going to sit and wait for the virus to attack but I am just going to take the hard way out by learning to use other OS such as Linux SuSE 9.1. Pro or Apple Mac ... I am not afraid of learning but just getting a bit paranoid about constant hassle from virus ...

    :)

    P/s: One of the Ad-Aware forum crew is actually helping now. Very good forum support from Ad-Aware and I like Ad-Aware 6.0 too. Just watch out when you're deleting something if it is attached to Reg Keys ... that's my downfall ...
     
  3. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Re: Why?

    chew -

    Thank you for the reply. We only wished you had been using the anti-virus programme that we are using. You would not have been infected. Oh well, it is a good learning experience though. We wish you the best in re-setting your software and security arrangements. :) Please keep reading here at Wilders so you may gain even more knowledge!
     
  4. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Re: Why?

    SoConfused ... sorry to hear about your Dad's pc. I guess the best bet is to back up all the data and get the PC to the nearest software repair shop to get them reformated ... not the best solution but at least you can start fresh again. Also get him to use Mozilla Firefox and get all Anti-virus softwares up to date.

    For my Win 2K Pc if it cannot be help ... oh well ... I guess I just have to go down the route of Reformating ...

    QSection ... what AV software are you referring to? At the moment for my Micro$oft PC the only thing lacking is Firewall (but I do use XP own Firewall though) ... I am evaluating Sygate, Kerio and Look 'n' Stop ... Zone Alarm ... hhmmm ... might have a look at that one too.

    As far as I am concerned ... I guess moving to another OS is the best option in the long run. Since I don't play games and I prefer the bare mininum of the system ... I guess anything will be fine for me so long as it is secured and I can surf net with peace of mind. Watching DVD ... hmmm ... the telly can do that. So I guess I am not your typical power user really.

    But I do like all those gadgets ... i.e. fiddling with them ... hardwares and softwares ... d'oh!

    :)

    P/s: Yes, I will continue to read this forum and I guess I will just have to get use to different OS that's all.
     
  5. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Re: Why?

    chew -
    The firewall in XP is less than useless as it does not stop anything from going outbound and the inbound protection is questionable as well. Please consider Outpost Firewall but there are some other firewalls that should do nominally. We say Outpost because it passes many, many firewall tests. In fact we believe there is no other firewall which passes more firewall tests and is so very configurable - more than most.

    We are using 98SE and the Maxthon browser (which is based on the IE engine) and our computer is very secure. (For those who have not read it elsewhere - this computer is only used in non-mission-critical situations.) The computer is not so secure because of those particular programmes but because it has practically every available security protocol applied to it. Other programmes whether they are browsers or operating systems are as susceptible to mal-ware but perhaps because they are not as popular have not had as much scrutiny applied as to how to secure them quite as tightly. There are many who would say that it is a better choice to use another browser and/or another operating system but there has not been to date evidence from competent third-party experts that using Mozilla or Opera or Netscape or other browsers and using Linux or Macintosh/Apple is inherently safer. True, some of those others are not susceptible to some of the intrusions and exploits to which IE and Windows are but then those mentioned above have exploits not available to IE and Windows!

    Scenario - two computers with the same hardware - one with XP/IE and the other with Linux/Mozilla. Both have the maximum known security protocol applied. Can one expect to be any more secure than the other? We think not. Has anyone with the "maximum security protocols applied" been a victim of a mal-ware exploit/attack? Reading many posts here in Wilders for a year and a half has not revealed such to us although it is possible as we have not read every post here. Most of the time when someone comes here whose computer has been attacked they are advised on how to both clean/fix the damage but more importantly how to secure the computer better (with the resident O/S and browser).

    Again - best wishes on your ongoing project and if anyone has heard of or experienced a successful attack with a fully layered computer please let us know.

    Be seeing you.
     
  6. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Re: Why?

    As you have IE installed before the OS won't allow you to install it again. So you have to trick your OS and let it think IE is not installed. This can be done by editing the registry. As always make a backup of the registry if you are not familiar with it.

    Follow these steps for repairing Internet Explorer 6:

    1. Click on the Start button and then click on the Run option.
    2. In the Open field type regedit and press the OK button.
    3. Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}
    4. Under that key you will see a entry named IsInstalled. Right click on that entry and left click on Modify.
    5. Change the Value from 1 to 0.
    6. Exit regedit.
    Follow these steps for repairing Outlook Express:

    1. Click on the Start button and then click on the Run option.
    2. In the Open field type regedit and press the OK button.
    3. Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
    4. Under that key you will see a entry named IsInstalled. Right click on that entry and left click on Modify.
    5. Change the Value from 1 to 0.
    6. Exit regedit.
    If you would like to repair both Outlook Express and Internet Explorer 6 then do both fixes above.


    When you have finished modifying download/install your new copy of IE6.
     
  7. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Re: Why?

    Hi Gerardwill

    Thank you for you advice.

    But what/how do I do that when I can No longer use IE6.0 to log on to WindowsUpdate site to download new IE6.0? My IE.6.0 is practically dead now ... I am only using Firefox 0.9.2 now ... but I do notice the system being slower than before the problem started.

    (Basically I deleted the VX2 using Ad-aware 6.0 without realising it got a hook on the Reg Keys. The problem started after that ... )

    This is the link I posted on ad-aware site for help but am still waiting for the next reply from Option^Explicit ... so far no reply ...

    So if you feel like having a look in detail (the whole story) of what actually happened you can try reading this thread I posted there.

    http://www.lavasoftsupport.com/index.php?showtopic=38031

    The thread was then split into two and and continue here ...

    http://www.lavasoftsupport.com/index.php?showtopic=38681&st=0&#entry277715

    So any advice you can give would be helpful.

    Thank you

    Chew

    P/s: Gerardwill ... I will try your method and see if the downloaded copy of IE 6.0 exe. file is still there ...

    PP/s: Gerardwill ... OK just tried it just now ... Nope! Not working at all ... same.
     
    Last edited: Jul 31, 2004
  8. MikeBCda

    MikeBCda Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    1,627
    Location:
    southern Ont. Canada
    Re: Why?

    One other thing you could try, maybe a long shot, is check with your ISP's help desk, if they're any good. With mine (an excellent large regional independent), their "startup" CD includes among other things IE-6, Eudora, and all kinds of other odds and ends a newcomer would find useful. Slightly older versions in most cases, but if you can get them up and running properly then updates/upgrades should theoretically be a snap.
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Re: Why?

    Hi Chew, have you tried the following:

    Start
    Set Program Access and Defaults
    Custom

    Tick
    Enable access to this program (Internet Explorer)

    Then you should have access to Internet Explorer back to be able to download IE 6.1

    You may also want to see the following thread with Tony Klein's reply:

    https://www.wilderssecurity.com/showthread.php?t=43248

    Hope this helps...

    Cheers :D
     

    Attached Files:

    Last edited: Jul 31, 2004
  10. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Re: Why?

    MikeBCda ... Yes, I am thinking of that as a last resort.

    Blackspear ... tried that ... setting as Defaults for IE 6.0 ... no go. Problem still there.

    But I have not tried Tony Klein solution yet ... will try it tomorrow and see if it will work.

    Thanks guys and keep the solutions coming.

    Oh ya ... I am waiting for the Snapdragin (moderator) to help me start a new link rather then going off topic on this thread here. (done ;) - snap)

    Cheers

    Chew :D
     
    Last edited by a moderator: Jul 31, 2004
  11. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Re: Why?

    Hi Chew,

    I did the trick with Outlook Express in the register. OE was damaged but I wasnt using it for a long time. So I changed the Dword into O. Downloaded IE SP1 from the MS site (482 Kb). Then I run the ie6setup.exe and voila it installed the OE part. After a restart OE was functioning again.

    Gerard
     
  12. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Gerardwill ... unfortunately not for my IE6.0. Somehow the IE 6.0 is still not working even I tried your Registry trick ... ok ... need to sleep now.

    Cheers

    Chew
     
  13. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Chew, try this.

    Repair Internet Explorer 6

    While there is certainly no guarantee, the two procedures listed below have restored functionality to IE6 for many users experiencing problems.

    Note: Both methods listed require that the Microsoft Windows XP CD-ROM be available.

    Method 1: Microsoft Internet Explorer 6.x Repair for Windows XP

    * From the Start menu, select Run.
    * In the Open field, type sfc /scannow (Note: There is a space between sfc and /scannow)
    * Select the OK button.
    * Follow the prompts throughout the System File Checker process.
    * Reboot the computer when System File Checker completes.

    EDIT: I just saw this particular part in another thread from Tony Klein, so that's good enough for me. :)

    Method 2: Microsoft Internet Explorer 6.x Repair for Windows XP

    * From the Start menu, select Search, select All Files and Folders.
    * Select More Advanced Options and place a checkmark beside Search Hidden Files and Folders option.
    * Ensure that Search System Folders and Search Subfolders are also checked.
    * In the All or Part of the File Name box, type ie.inf
    * In the Look In drop-down menu, select C: or the letter of the hard drive that contains the Windows folder.
    * Click the Search button.
    * In the search results pane, find the ie.inf file located in Windows\Inf folder.
    * Right click the ie.inf file and click Install on the context menu.
    * Reboot the computer when the file copy process is complete.

    http://www.theeldergeek.com/repair_ie6.htm


    OR:

    Try redownloading the FULL IE6 SP1 again.. can be up to 44Mb though, depending on what's needed, you can do this in Firefox, dl to desktop and install, you don't need IE's WU to work.

    http://www.petri.co.il/download_the_full_ie_package.htm

    Make sure read the whole article though, thoroughly understand what's involved. ;)

    OR:

    From Microsoft itself, which Qsection posted above for the full IE6sp1 version as it states the dl can be from 11Mb to 75Mb. **ouch**

    http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/default.mspx

    Cheers, TAS
     
    Last edited: Aug 1, 2004
  14. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
  15. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Cheers Tassie Devils for the info.

    But my gf's laptop is on Windows 2000 and IE 6.0 browser.

    By the way ... these are the two VX2 nasties I deteled.

    Check out the Log from Ad-aware 6.0 below before I deleted them and got into trouble.

    The summary will show you the actual Reg Key being deleted ... and the link to my thread in Ad-aware forum. Feel free to have a look ... all helps welcome.

    http://www.lavasoftsupport.com/index.php?showtopic=38031

    Started registry scan
    ________________________________________
    VX2 Object recognized.
    Type: Reg Key
    Data:
    Category: Data Miner
    Comment:
    Rootkey: HKEY_LOCAL_MACHINE
    Object: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{30000273-8230-4DD4-BE4F-6889D1E74167}

    Performing conditional scans..
    ____________________________________________
    VX2 Object recognized!
    Type: File
    Data: bi.ini
    Category: Data Miner
    Comment:
    Object: c:\winnt\
    File size: 241 KB
    Created on: 5.4.2004 17: 10:24
    Last accessed: 21.7.2004 23:00:00
    Last Modified: 21.6.2004 07:48:28


    Those were the only two files I deleted.

    According to Ad-aware forum support team ... they also recommended a straight delete using Ad-aware and my case was the second case that they encoutered after deleting those files, that resulted in I.E.6.0 would not work anymore ...

    So there you go ... will read the recommendation later on ...

    Cheers

    Chew

    P/s: Tassie Devils ... I have just tried the method 2 you suggested above (by Tony Klein & Blackspear) ... The IE 6.0 SP1 temporary worked ... for a while ... but when I re-applied the Windows Update Security Patches ... the whole IE6.0 SP1 went back to the same old problem. Very very very slow ...

    The funny thing was that when I tried Method 2 again ... the 2nd time it did not even work or speed up the download for a webpage at all ... hmmm ...
     
    Last edited: Aug 2, 2004
  16. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    I recently got rid of a VX2 infection on my PC. I don't know anything about Win2K, but if you've got system restore or Goback installed, run it back to before you deleted the files. When I purged mine I had an IE window open to PestPatrols web site deleting everything they recomended. I didn't experience any slowdown of any kind, either on the OS 98SE or IE. Maybe the trick is having an IE window open.
     
  17. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Hi Beetlejuice

    Unfortunately, the Win2K Os does not come with Restore function ... if there is one I am not awared of. Is there one?

    Anyway, yes, I would have done the Restore thingy ...

    Cheers

    Chew:D
     
Loading...
Thread Status:
Not open for further replies.