Jump to content


Photo

iexplore.exe stays running even when IE has been closed


  • This topic is locked This topic is locked
3 replies to this topic

#1 Agent24

Agent24

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 03 December 2007 - 08:00 PM

Just reinstalled windows on a new drive (the old one died, clunk of death :weep:)

Only been running for 2 days, but had some strange things happen

1) iexplore.exe will keep running even after closing all internet explorer windows. sometimes it is running more than once. trying to end these processes with task manager or process explorer does nothing. if I reboot they have gone away once windows has started up, but upon using IE again, they come back

2) spybot found some strange registry entires for several spywares, but I never had any of the symptoms that spybot tells me that the spywares cause, it's as if the spywares are not there, but these strange registry entries are.

for example, my spybot log has things like this:

TNS-Search: [SBI $72866050] User settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\asdbiz.biz\*

Bestsearch.Scvhost: [SBI $16B05BC6] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bestsearch.cc\*

Spybot told me that these spywares show ads, run programs, disable certain things but so far I have not seen anything like this happen. all the registry detections seem to be in ZoneMap (?)


3) When going to my homepage (google.co.nz) I do not get the google icon in the address bar, or the current tab. I get a white L above a red line on a black background instead.

All very strange, can anyone here help me please?

#2 KxWaal

KxWaal

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 03 December 2007 - 08:27 PM

Yeah, my virus actually does that to (I posted about three posts under you)
It usually says "GOOGLE" or sometimes "EBAY" in the app. list for me.
The funny thing is I was only using firefox at the time.
Now my computer is messed to the point where firefox won't run proper.

#3 Agent24

Agent24

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 03 December 2007 - 11:23 PM

I was just looking in autoruns and I found these strange entries:

+ ayg2degt File not found: C:\WINDOWS\System32\Drivers\ayg2degt.sys
+ catchme File not found: C:\DOCUME~1\AARONC~1\LOCALS~1\Temp\catchme.sys
+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys
+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys
+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys
+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys
+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys
+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys
+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys
+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys


Are any of these suspicious? even though the files are apparently gone I have disabled all of them. hasn't done anything bad, not has it helped my problem....

#4 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,482 posts

Posted 06 December 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button