How do programs get loaded and run?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have some malware that opens internet explorer and takes me to a website.

I figure there must be a program that loads at startup for that to happen.

I've looked in the Startup tab of MSConfig, and I don't see anything likely
there, and I've looked at the
HKCU\Software\Microsoft\Windows\CurrentVersion\Run, and also
HKCU\Software\Microsoft\Windows\CurrentVersion\Run, and I don't see anything
that looks likely in either of those places, either.

It also happens on an intermittent basis while I'm on line, and sometiimes,
when I go into Task Manager, I will see iexplorer.exe listed as running, even
though I don't have it open. When I close it, nothing bad happens.

So, I'm trying to find out where this bugger is hiding out.

Where else could I look to find it? At some point, it has to be called and
opened.

Thank you.
 
MargaretBartley said:
I have some malware that opens internet explorer and takes me to a website.

I figure there must be a program that loads at startup for that to happen.

I've looked in the Startup tab of MSConfig, and I don't see anything likely
there, and I've looked at the
HKCU\Software\Microsoft\Windows\CurrentVersion\Run, and also
HKCU\Software\Microsoft\Windows\CurrentVersion\Run, and I don't see anything
that looks likely in either of those places, either.

It also happens on an intermittent basis while I'm on line, and sometiimes,
when I go into Task Manager, I will see iexplorer.exe listed as running, even
though I don't have it open. When I close it, nothing bad happens.

So, I'm trying to find out where this bugger is hiding out.

Where else could I look to find it? At some point, it has to be called and
opened.
Click to expand...

Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with either Sysclean or Multi_AV, plus AVG Anti-Spyware
(formerly Ewido - http://www.ewido.net/en/) and follow instructions to
do all scans in Safe Mode.

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the link above (not here, please).


Malke
 
MargaretBartley said:
I have some malware that opens internet explorer and takes me to a website. [...]
Where else could I look to find it? At some point, it has to be called and
opened.
Click to expand...

At www.sysinternals.com (which is now owned by Microsoft) there is a tool called
Autoruns which may be able to help.

Harry.
 
This is a great lead. I've never heard of it before.
Thanks!

Harry Johnston said:
MargaretBartley said:
I have some malware that opens internet explorer and takes me to a website. [...]
Where else could I look to find it? At some point, it has to be called and
opened.
Click to expand...

At www.sysinternals.com (which is now owned by Microsoft) there is a tool called
Autoruns which may be able to help.

Harry.
Click to expand...
 
Back
Top