• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 784
  • Last Modified:

Internet Explorer is broken!!!

My customer's PC got infected with a rogue AV amongst other things. I've got it all cleaned up and secure but now IE8 is broken - "cannot display the web page".
I've uninstalled and reinstalled IE8. Tried IE7 when IE8 was uninstalled - no go.
I can ping the google website from a command prompt. Installed google chrome and had the same problem - but didn't give me the option to NOT import settings from IE.
I just installed FireFox 3.5 and did NOT import settings from IE and it works!!!
Any idea how I can fix IE?
O/S is Win XP Pro with SP3. AV is Sophos SBE AV plus Sonic Wall hardware firewall.
PC is attached to a Windows Server 2003 SBS domain (no exchange server).

1 Solution
gregmiller4itAuthor Commented:
I also have run "scf /scannow". Nothing was reported.

Also, since I've got Firefox working and set as the default browser, I uninstalled Google Chrome and then reinstalled it a couple of times.
The first time I re-installed Chrome and it tried to import the settings from Firefox, but since I had Firefox running, it couldn't, so no settings were imported. It still failed to connect to any website.
The second time I re-installed Chrome I let it import the settings from Firefox and it still fails to connect.
Firefox still continues to work though.
IE still doesn't work.

Is there some way to COMPLETELY remove IE? Some way to get rid of whatever it is that is blocking the connection?
James MurrellProduct SpecialistCommented:
i have had this and i had to re install windows xp service packs....
gregmiller4itAuthor Commented:
Thanks cs97jjm3 for the suggestion. I have just reinstalled SP3 and it has made no difference.
I still can't connect in IE.
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

What scanners did you use to remove the infection? some scanners Sometimes the damage of these nasties takes time to fix even if a scanner managed to neutralized the infection.

If you haven't yet try ComboFix and show us the log.
gregmiller4itAuthor Commented:
I used Sophos to clean up the system. There had been a problem with the updates at the Sophos Control Centre on the local server, which went un-noticed, meaning that the clients were not realy up-to-date even tho they thot they were. Anyway, when I got it sorted out the updated Sophos AV client cleaned it up.
I have now run ComboFix and IE seems to be working. I got a couple of :Suspicious file:  HIPS/RegMod" notifications while ComboFix was running - not sure if this is a problem or not???
I have attached the log.
ComboFix log shows it deleted some bad files, service and legacy reg entry.

The rest of the log looks fine...

gregmiller4itAuthor Commented:
Hi, I am now back from hols and the problem with IE is not completely resolved after all.
Since I ran ComboFix, IE works under my login - it wasn't working prior to running ComboFix. However, I've just confirmed that IE still doesn't work for the main user; when he logs on and tries opens IE, he gets the same "IE cannot display the webpage" error.
This same user has no problems when logged onto other PCs in the local domain.

Any more ideas?

I don't have any idea sorry... I'll send a request to the Mods so they can alert other Experts to help here.
rpggamergirl requested attention from more experts, and this is what she wrote:

"Broken IE just for one user, corrupted profile maybe....IE reinstall didn't fix it."


- Could it be that this user with the problems has some proxy settings set?
- Have you tried to disable all add-ons in IE to see if there are something blocking access?
- Do you have any toolbars to IE installed? Try removing them. I have seen Ask, Yahoo, MSN, Live and Google toolbars blocking access to intranets and Internet.
- Try to do a reset the IE settings. Tools > Internet Options > Advanced > Reset..  You do not need to delete personal information.
- Try to run comboFix as the user. (It might not be possible because of domain rights)

Please let us know if anything of that helped.

Did you try Restoring to the previous restore point? sometimes this step can be less time consuming to resolve the issue.

I would suggest logging on as the main user and trying out the below on a command prompt:

netsh winsock reset

Then reboot the PC and try to access the internet. This will reset the Winsock back to default state and you might have to re-install some programs that form a part of Winsock chain in the background (it might not be needed, but is a possibility).

Please report back with observations.
gregmiller4itAuthor Commented:
Hi guys,
Thanks for the suggestions.
Jaynir, yep, tried to restore to an earlier time but kept failing.
But, I 've had some joy!
The user could log on and run IE from a differenet PC and after running ComboFix, several other users could log onto this PC and run IE happily. Therefore, I figured it might just be the local profile for that user on this PC. rpggamergirl mentioned corrupted profile in the request to the mod's.
They don't use roaming profiles at this site, so I backed up email, fav's, etc and deleted the local profile. When the user logged on again and a new local profile got created, it all works perfectly!
So, I think that it got infected and then cleaned but in the process some things got messed up. ComboFix sorted most of it out, but the original user's local profile was also damaged.
All is good now and thanks heaps for your perseverance and assistance.
Regards, Greg
"does CF correct all Registry errors or just the 'Current_User'?"

Hi Vee_Mod, as far as I know ComboFix takes care of relevant registry entries. I know MBAM doesn't on a system with multiple users, but ComboFix as far as I know has no problem. Well, I haven't seen nor heard that CF needs to be run for each users to fix registry entries..


Glad to know it's resolved.
Good job.

gregmiller4itAuthor Commented:
See my last post for the details...

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now