# I.E. only works in safe mode?



## karl hungus (Sep 15, 2004)

Hi There, 

I have a really strange problem, I.E. will only function in safe mode. This started last week, it was fine for the last two years. On a regular boot it'll only give me the "could not open/test network error page". Nothing else seems wrong but I can't access the network through games or Kazaa in normal mode either.

I looked around in the forums and didn't see anyone complaining about a similar error. I'm running XP on a 2.4 P4 with 1024mb. The problem occured when I downloaded DirectX 9c of all things. I've deleted and re-installed XP three times, installed service pack 2, had more problems and have gone back to just the critical updates. I've re-installed and repaired I.E. 6 several times, I've run 10 different anti-virus/spy removal programs (Avast, spysweeper, Panda online, microtrend, spybot, ad-aware, cws-sredder, spy-doctor, sygate firewall, A2, ect...) I've repaired my registry sfc/ scannow, I've powered off my modem, checked my nic card, released/renewed my I.P., I've run the Winsock repair tool. Man I'm at my the end of my rope here... 

I hate asking for help but I want to get to the bottom of this. My only thought was that some how critical files to load I.E are being blocked by one of my anti-virus/spy-removal apps or there's a nasty virus that is going un-detected that can't function within Safe mode. What exe's are required by XP to run I.E. ? Any help would be awesome, I can log Hijackthis but I didn't see anything suspicious running in there but I don't know what all the exe's represent in my running tray, although there is 3 svchost processes running is that normal?


----------



## Elvandil (Aug 1, 2003)

Several svchosts running at once it not at all unusual. It is a "host" for other running services and that it to be expected. Watch for minor misspellings, though. "Scvhost" and other minor spelling changes mark some malware.

Sounds like you've tried about everything, but I'd suggest trying a repair of TCP/IP and Winsock2. These can be damaged by removing malware at times.

Run this registry file to repair Winsock2:

http://home.columbus.rr.com/magicchef/WinsockFixXP.reg

After rebooting, if you still have problems, repair TCP/IP. Go to Start > Run, and type:
cmd <Enter>

At the command prompt, type:
netsh int ip reset c:\resetlog.txt <Enter>
(provided, of course, that C: is your system drive letter).

Changes and repairs made will be logged in the resetlog.txt file in your root directory.
------------------------
If all that doesn't help, how did you go about the repair of IE last time?


----------



## karl hungus (Sep 15, 2004)

First off, thanks for your quick reply and your suggestions.

I ran the winsock utility you recommended as well as the TCP/IP script. It still wont't allow me to connect in "Normal" mode, it just searches for 5 secs and then times out. On the bottom left of the ie window, it quickly flashes something about a DNS error before it gives me the "can't connect" screen but this might be normal. 

As for how I repaired i.e. last time, I used the repair tool as well as re-installing it via microsoft.com. I'm just confused as why it would work in safe mode and not normally. I've tried using a host file and disabling the DNS as well.


----------



## Elvandil (Aug 1, 2003)

It sounds like a BHO or something else that is only loaded in normal mode (obviously). If you have SP2, just disable the browser add-ons in Tools and turn them back on one at a time after you get connected to find out what the problem is.

You could also try BHO Demon to see what you can prevent from loading.

http://www.definitivesolutions.com/bhodemon.htm

A complete reinstallation of IE is a bit difficult in XP. You need to have altered the registry to report that IE is not installed before you can reinstall it. Is this the method you used?

Any changes to services? Are both DHCP and DNS set to automatic?

Try connecting and then going to Start > Run, and typing:
cmd

At the command prompt, type:
ipconfig /all

What does it report about DNS? Is a DNS server address assigned?


----------



## karl hungus (Sep 15, 2004)

Okay, BHO Demon doesn't show anything being loaded.

You're right I didn't do a proper un-install of IE, I forgot about the reg keys and all that, I'm kinda weary of doing this as I don't want to cause more issues. I just repaired it and re-installed it with the Win installer and the service pack SP1.

Under the ipconfig, I'm getting DNS and DHCP IP's. I turned off DNS as Black Viper suggested on his site that it wasn't necessary, though it hasn't made a difference. 

There is one thing that is a bit strange, My network connection #1 the Realtek RTL8139 PCI Fast Ethernet NIC is disabled under device manager as it says its not plugged in (Yeah Right) As I'm plugged into it and online using it in safe mode at this very moment. It seems to be using connection #2 intel pro/100s desktop adapter for the connection. I only have the one nic, is this connection #2 a function on the motherboard or something? Ora bridge from my nic (not sure what a bridge does?) I've tried repairing and enabling the #1 connection with no luck, but I don't think this is the problem as it was this way when the IE was working in "normal" mode two weeks ago as well. 

I am getting drivers not installed for Multimedia audio controller, USB controller and SCSI controller in my device manager highlighted by a "yellow ?". Windows and my XP disk can't seem to fix this, although my USB printer and sound card still work in normal mode. Would I need to flash my bios and cmos to fix this? And would flashing my cmos and bios force me to reinstall XP again?


----------



## Elvandil (Aug 1, 2003)

Let's look at the larger issues here. What motherboard do you have? These multiple problems are no doubt intertwined and may be all due to similar or the same cause.

If you don't know the details of your mb model, try the PCWizard to see what it will tell you, and if you have a brand name machine, what make/model?

http://www.cpuid.com/pcw.php

I don't think I'd go the flash route just yet as this constellation of symptoms doesn't jibe with something as simple as an outdated BIOS.


----------



## karl hungus (Sep 15, 2004)

Okay my motherboard is a MSI 645E Max2 (MS-6567). 

Yeah I didn't think it was the Bios as the motherboard is only a year or so old and I have the lastest version already, but I'll try anything at this point.

Thanks again for all your help, I'd back-up and format everything (80gigs) but I'd have to kill myself if the problem came back, which I suspect it would.


----------



## Elvandil (Aug 1, 2003)

I'm having a little spyware problem of my own at the moment, but I'm going to see if there are any chipset drivers for that board. It looks like it is an SiS board.


----------



## karl hungus (Sep 15, 2004)

Thanks, Good luck on the spyware, I ran ad-aware on the company laptop and got 260 hits lol. I try to keep on top of it the best I can on my P.C. though.

Is the NIC a suspect? I'd drop the $20 on a new one if so, but that'll buy some cheap wine to comfort me just the same.


----------



## Elvandil (Aug 1, 2003)

Is Kazaa still on that machine? That keeps popping back into my mind. Even if all the malware that it brought with it has been found and removed, the damage had already been done and was not undone by removing the cause.

All these driver problems are perplexing. How long have these splotches been in Device Manager?

What do you think about resetting all your hardware so that it will be redetected and then performing a repair installation?

The fact that all was well with the current BIOS for 2 years doesn't support the idea that a flash would be needed at this point.

Have any changes been made to the BIOS settings?


----------



## natcom (Sep 21, 2003)

download this program http://www.majorgeeks.com/download.php?det=3155 and post the log here make sure no open programs before you run it and we can take a look if is some kind of spyware that is doing this


----------



## nirg (Aug 1, 2008)

Asside from getting rid of all trojans it was necessary to uninstall untiviruses\protecting programs (microsoft safe family something...) Guess reinstalling them again after is a possibility 

Thanks for the help !

Nir


----------

