//some 3rd party need geo

Persistent infection ... help!!!

  jimmy_wood 13:04 04 Jan 05
Locked

I have been wrestling with an Internet Explorer infection for months now and upgrading to XP SP2 has not cured the problem. I need help bad ... I would also like to punish the gits responsible!

I think the problem stems from 2 copies of iexplore that appear in my list of processes even when I have not started Internet Explorer. I cannot close these down as they keep immediately restarting ... sometimes a name like Bows DVD.exe appears before it changes the process name to iexplore. On starting Internet Explorer I get a blue search bar at the bottom of my screen (with buttons for Casino, Music etc). I can close this search bar down. However the same stuff has appeared in my favourites list and I cannot delete them using the RH mouse button and they do not appear when I enter manage favourites ... I seem stuck with the bloody things. Finally pop-up windows keep appearing even though I have SP2 active (plus Lavasofts free firewall). These processes also seem to be able to change my privacy settings to allow pop-ups to appear from sites like lop, searchweb etc ... but even when I remove these popups still appear ... sheesh.

I have searched the Registry, ini, startup files etc and cant solve the problem. My son also uses the PC and uses WinMX, TraktorDJ and MSN ... is it one of these bits of software that has installed this stuff ... or perhaps a web-site he keeps visiting? This would be useful to know before I contemplate any sort of re-installation.

Advice would be gratefully received.

  holly polly 13:11 04 Jan 05

do you know the name of the application that keeps running post back and i'll see if i can help -regards -hol pol...

  holly polly 13:14 04 Jan 05

click here

some info here

  holly polly 13:25 04 Jan 05

click here

go here and get spysweeper and run it ,though its a trial programme it shhould sort it out also goto lavasofts site and download the free version of adaware run this also ,then get spybot search and destroy run also ,i have all these apps and they are run on a regular intervals ,computing is a messy procedure and unfortunately there is lots of junk out there ,you have to take the inevitable i'm afraid and make it has hard as poss for them to get in ,also do you have any anti virus software on your machine ?
regards -hol pol...

  JoeC 13:36 04 Jan 05
  jimmy_wood 13:40 04 Jan 05

Will try spysweeper ... have adaware and spybot and run regularly (these dont pick up problem). Bazooka scanner picks up a worm called wuamgrd.worm but doesnt auto remove. I have tried following instructions but dont find the Registry entries they say I should.

How can iexplore.exe be the official Internet Explorer and a registered problem that should be removed from Registry at the same time? The fact that these 2 programs that I cannot shut down have the same name as Internet Explorer executable means that I dont know what to remove from Registry?

Is it these processes that are altering my favoutites, adding menu bar and causing pop-ups etc?

  jimv7 13:45 04 Jan 05

Download, install, update free a2 from click here

  jimmy_wood 13:50 04 Jan 05

Was a good read and food for thought. The dummy executable solution seems a good one ... if I can find the executable. This is my problem .. I cant find it. As I say it uses the same name as the official Internet Explorere (although these might be referenced to Bows Dvd.exe or similar ... but cant find these anywhere either except in Prefetch directory .. and they soon appear there again after deletion).

  jimmy_wood 14:07 04 Jan 05

Will try as well.

  Molded 14:30 04 Jan 05

jimmy_wood :

Kids eh!

I see from your original post that your son uses MSN!

Messenger?

I cleaned a friend of my daughter's PC last week and believe me it was a mission.

MSN Messenger has a hole big enough to drive a bus through - It's called "NetSend and Alerter Service" and has to be disabled before you have any chance of cleaning.

Right click My Computer/Manage/Services and Applications/Services and scroll down to Messenger.Right click/Properties and look for the two items you need to alter.

"Startup Type" - change to "Disabled" and "Service Status" - change to "Stopped" by hitting the Stop button. Then exit.

Before you start cleaning disable System Restore.

Advice on which programs to use will vary from person to person, but Adaware,AVG and SpywareBlaster,are a good starting point.

Good hunting :-)

  JoeC 14:31 04 Jan 05

will help, but perhaps worth a look.

FreeFile from

click here

apparently will tell you what process is using a particular file. Might help narrow down the search a little for you.

This thread is now locked and can not be replied to.

What is Google Allo? What is Google Duo? Google Allo UK release date rumours and features: Google…

1995-2015: How technology has changed the world in 20 years

These clever designs help visualise a complex intelligence tool

iOS 10 troubleshooting tips: Simple fixes for the most common iOS 10 problems, from network…