PaulG said:
Hi
I recently cleaned a badly infested Windows XP Pro machine. The virus
scanner now reports clean, and nothing else is being ran other than the
standard windows processes and some application processes.
However, when I start Windows there is 2 iexplore.exe running, one taking
120MB of RAM up. IE 7 is installed. There is no IE7 windows, or anything in
the system tray.
I have checked all startup locations, Start Menu, Registry, but I can see
nothing to suggest where these .exe are being launched.
Can anyone help.
Thanks.
Hi Paul,
Try these steps and let us know:
Open a run command and type in:
iexplore -extoff click [OK] and then Reboot your machine, does this Help?.
Open a Run command and type in
regedit.exe click [OK] and locate these Keys:
[-]HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
= what in the Right Pane/Window do you see odd entry for a virus?.
[-]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run=
Look in the Right Pane/Window is there is any other Iexplore running or a
fishy one/.
You can see the above Registry by downloading the AutoRun and Click on
Registry and Explore process running:
AutoRuns for Windows v8.61:
http://www.microsoft.com/technet/sysinternals/SystemInformation/Autoruns.mspx
Also go through these cleaning steps:
1... Click start >> Control Panel >> Double Click Network and Internet
Connections >> Double click Internet Options, on the IE Properties window
you will see these Options:
General | Security | Privacy | Content | Connections | Programs
| Advanced .
Click on General Tab (1st Tab on the left) and you will see a Button called
[ Clear History ..] click on it to clear your History caches, then click on
[Delete Files..] to delete Internet Files created over the time, click on [
Delete Cookies...] to delete your cookies left by visiting websites.
= Then try to Disable the Add-Ons on your Browser somehow installed on your
browser, On how to disable the Add-ons follow this:
Click on Programs Tab and then click the Manage Add-Ons Button there Disable
the None/Not Verified Plug-ins/Add-ons ( you need to Renable them one-by-one
later and see which is the culprit or you can send them here in your next
post) and click [OK] to confirm your Changes.
Click on Advanced Tab and scroll down under the browsing option and uncheck
this box:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) and click Apply
then OK to close your IE Properties.
2.... And also for malwares from here:
http://www.lavasoft.com/products/ad-aware_se_personal.php
http://www.safer-networking.org ; for Spybot S&D
Download and install after installing this software and
update then run a scan in both safe mode and normal:
http://free.grisoft.com/doc/5390/lng/us/tpl/v5
HTH.
Let us know.
nass
