Solution re inaccurate HTML rendering in IE/OE

[Jan Works]

To close this loop, I'd like to state that hijackware and its ilk are not
always the catch-all blame for every problem ... In my case (discussion
below) it was a corrupted registry key in the Accessibility module. Someone
in the XP forum pointed me in the right direction and I found a repair
routine that fixed it.
--
Jan
--------------------------------------------------------------------
Until you post a HijackThis log to an appropriate forum and are given the
"All Clear", hijackware remains the most likely problem IMHO, Jan.
--
~PA Bear

I had to reinstall because the registry was hopelessly fouled. I think it
came about because I mapped a drive from the other computer and then made
the mistake of using the File & Setting Transfer wizard.... it created a
huge and unwieldy registry, with entries for programs that I never
intended to install on the new computer. It was easier to start all over
again, and yes, of course, I followed the procedures to avoid spyware and
applied all updates immediately. I routinely run AdAware, Spybot and
CWShredder... updating first, so I'm relatively certain I'm not
contaminated. I have also performed an XP repair. The only problems with
IE I have are when I try to access the MS support site--see my message to
R.Aldwinckle.

jan

...I had to reinstall XP completely a couple of weeks ago and that's
when all this started.

Oh? Why did you have to reinstall XP? After reinstalling, did you
*immediately* take care of everything at the following page?

Before You Connect a New Computer to the Internet
http://www.cert.org/tech_tips/before_you_plug_in.html

My good buddy Robert Aldwinckle and I are seeing eye-to-eye on this,
Jan: Either your display settings are wrong or you've got some malware
which has "hijacked" the settings usually found in Accessibility. A
CoolWebSearch variant is most likely and the just-released Ad-aware SE
has been doing a good job on CWS so far:
http://www.lavasoftusa.com/support/download/. Make certain you seek
updates before each and every use, even "right out of the box" new.

<canned "hijackware" response>

Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/Darnit.htm

CoolWebSearch Chronicles
http://www.spywareinfo.com/~merijn/cwschronicles.html

Run these tools in the following order with nothing else running in
background:

1. CWShredder (fix all found)

2. Ad-Aware (fix all found)

3. Spybot (RTFM but generally fix everything in red)

Important: You *must* seek updates for Ad-Aware, Spybot, etc., before
each and every use, even "right out of the box". But even they can't
catch everything, 24/7. When all else fails, HijackThis
(http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the
preferred tool to use. It will help you to both identify and remove any
hijackware/spyware. **Post your files to
http://forums.spywareinfo.com/ or
http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not
here.**

[Alternate download pages for many of the above tools may be found at
http://aumha.org/a/parasite.htm.]

Also:

1. Download and run Stinger (http://vil.nai.com/vil/stinger/); then...

2. Update your virus definitions, enable Show Hidden Files

(http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2002092715262339)

and then run a full system scan in Safe Mode

(http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406)

with nothing else running in background. Note the files identified and
removed then find the corresponding page for the file at your AV maker's
online support pages (e.g.,

http://securityresponse.symantec.com/avcenter/venc/data/adware.winfavorites.html)

and follow all Removal steps.

WinXP Only (WinME similar): If this scan finds anything, create a new
Restore Point then Disk Cleanup > More options > Delete all but the most
recent Restore Point.

3. Check in at Windows Update.

So How Did I Get Infected Anyway?
http://boards.cexx.org/viewtopic.php?t=957

</canned "hijackware" response>

 

[Jan Il]

Hi Jan Works

To close this loop, I'd like to state that hijackware and its ilk are
not always the catch-all blame for every problem ... In my case
(discussion below) it was a corrupted registry key in the
Accessibility module. Someone in the XP forum pointed me in the right
direction and I found a repair routine that fixed it.

Glad to hear that you were able to find a solution for your problem. Thank
you for letting us know what worked for you, and for the benefit of other
readers who might have a similar problem. Good job!


Jan (Jan Il)
Smiles are meant to be shared,
that's why they're so contagious.

--------------------------------------------------------------------
Until you post a HijackThis log to an appropriate forum and are given
the "All Clear", hijackware remains the most likely problem IMHO, Jan.

I had to reinstall because the registry was hopelessly fouled. I
think it came about because I mapped a drive from the other computer
and then made the mistake of using the File & Setting Transfer
wizard.... it created a huge and unwieldy registry, with entries for
programs that I never intended to install on the new computer. It
was easier to start all over again, and yes, of course, I followed
the procedures to avoid spyware and applied all updates immediately.
I routinely run AdAware, Spybot and CWShredder... updating first, so
I'm relatively certain I'm not contaminated. I have also performed
an XP repair. The only problems with IE I have are when I try to
access the MS support site--see my message to R.Aldwinckle.

jan

...I had to reinstall XP completely a couple of weeks ago and
that's when all this started.

Oh? Why did you have to reinstall XP? After reinstalling, did you
*immediately* take care of everything at the following page?

Before You Connect a New Computer to the Internet
http://www.cert.org/tech_tips/before_you_plug_in.html

My good buddy Robert Aldwinckle and I are seeing eye-to-eye on this,
Jan: Either your display settings are wrong or you've got some
malware which has "hijacked" the settings usually found in
Accessibility. A CoolWebSearch variant is most likely and the
just-released Ad-aware SE has been doing a good job on CWS so far:
http://www.lavasoftusa.com/support/download/. Make certain you seek
updates before each and every use, even "right out of the box" new.

<canned "hijackware" response>

Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/Darnit.htm

CoolWebSearch Chronicles
http://www.spywareinfo.com/~merijn/cwschronicles.html

Run these tools in the following order with nothing else running in
background:

1. CWShredder (fix all found)

2. Ad-Aware (fix all found)

3. Spybot (RTFM but generally fix everything in red)

Important: You *must* seek updates for Ad-Aware, Spybot, etc.,
before each and every use, even "right out of the box". But even
they can't catch everything, 24/7. When all else fails, HijackThis
(http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the
preferred tool to use. It will help you to both identify and
remove any hijackware/spyware. **Post your files to
http://forums.spywareinfo.com/ or
http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not
here.**

[Alternate download pages for many of the above tools may be found
at http://aumha.org/a/parasite.htm.]

Also:

1. Download and run Stinger (http://vil.nai.com/vil/stinger/);
then...

2. Update your virus definitions, enable Show Hidden Files

(http://service1.symantec.com/SUPPOR...m/avcenter/venc/data/adware.winfavorites.html)