Posted by dexter, Sep 04, 2004, 03:09 PM
OK, this may be another long one...

[*]First... don't worry about uninstalling Internet Explorer or any browser. Getting rid of the browser really has nothing to do with the problem... the browser is just the application that lets you look at the internet. There is a ton of other stuff behind the scenes that takes care of the dirty work of connecting to the internet. If you have something malicious that is trying to download stuff, it would be able to do so even with no browser at all installed on your system.

And you can't get rid of that "behind the scenes" stuff because then you wouldn't be able to connect to the internet at all. Might as well just take the easy route and disconnect the phone cord...
[*]Second, you really can't get rid of Internet Explorer even if you wanted to. Don't know if you remember the court cases going on when Microsoft was being sued. You can get rid of some parts of the browser but that is generally not a good thing to do.

When you open a file window on your computer to find or open some files? That window is part of some common code that Internet Explorer uses. At the top of one of those file windows it shows the folder "address", usually shows a little yellow folder icon followed by c:\foldername\anotherfoldername\filename.gif or something... (if you don't see that, go to "View" -> "Toolbars" -> and check "Address Bar")

With a folder window open, try deleting the text in the address bar and typing "www.idexter.com" in there instead and then hit "enter" (make sure you don't have any of the old foldername left over, including the "c:\")

Depending on what you have managed to delete, you may get an error message, but more likely you are going to connect to my website. And if you connect, you will recognize that you are still in an explorer window, not in Netscape which is now your default browser... because you invoked the connection directly from IE.
[*]I'm not sure what you deleted, but if you deleted parts of IE directly from the "Program Folders" you should NEVER do that unless you specifically know what you are deleting and the consequences of doing so. You never know what other things are in there that some other program might rely on, and in addition, doing that still leaves all the junk in the registry and anything that program might have installed in your system folder, and if something is messed up it is more likely that one of those two things is doing the messing up, and deleting whatever parts were in the program folder is only going to complicate matters. There are SO MANY TIMES I can't even tell you how many that people have me come over to fix their computers because something is no longer working and the problem is that they deleted something in a folder somewhere that they were "sure" they didn't need.

Only delete things that are your own files... word documents, images you've downloaded, etc... unless you have specific instructions to do so from someone who knows their stuff.
[*]AOL, I forgot that was in the mix. But you don't browse right through the AOL windows? Instead you use AOL as your ISP and for your email, and use a separate browser to do your web surfing?

That is a perfectly fine thing to do... but people who just browse using their AOL software are using a browser (by definition) that is part of the AOL software... only that browser isn't made by AOL, it is just either Netscape or Internet Explorer that is licensed to AOL and integrated to look like it is all in the same AOL window. AOL keeps changing their contracts... browsers are a big deal, originally it was Netscape that was built into AOL but then they signed a big contract with Microsoft to make it IE instead... Microsoft pulled some clout and would not allow AOL to have a setup routine included in Windows (when you install Windows fresh there is an icon on the desktop that lets you sign up for an AOL account if you don't have internet access yet... obviously that is a HUGE advantage to have that placement, and I think MS said they wouldn't keep AOL's icon there unless they switched from Netscape to IE, and that is part of the reason that Netscape sued them, etc etc etc).

But at some point AOL switched back to Netscape and I eventually lost track. The point is, just by installing AOL you have an additional browser installed, even if you never use it.

But as I said, not to worry, because it isn't the browser that is the problem.
[*]iexplore.exe. That is a legitimate file, no reason to remove it MAYBE. One thing that evil software sometimes does is install software with a legitimate name (from some other software) but they install it in a different folder. You see that name in some folder and don't suspect it, but the file is really something completely different that has the same name and does evil things.

Run a search for iexplore.exe. You should have one in "Program Files\Internet Explorer" (unless you deleted that manually). IF you find one in your system directory (most likely "Windows\System" or "Windows\System32") then that is likely a known piece of spyware. You will want to be sure before deleting it though.

You won't be able to delete that from the system folder though, you will get an error message if you try. To do so you will have to restart your system in safe mode and then delete the file.

(To restart in safe mode, you have to shut down your computer and then turn it on again, and hit the "F8" key on your keyboard really quickly. It can be tricky, just keep tapping on it rapidly, it kind of has to be done right after the POST "beep" and before anything else starts to happen. If you miss it and Windows starts just try again. You'll know you are in safe mode because your screen will be at the default color and resolution and it will say "safe mode" in all four corners. Make the necessary changes and then restart normally when you are done).

If you find the file in other places let me know where. You may find it in some backup install folders and that's OK.
[*]The "automatic update" may not be a bad thing, where did you see there was an update and can you tell me what it says? If it was a Windows update then that is good and you don't want to stop those. You can always treat those as safe, not because they always are, but because if they ever weren't it would affect so many machines so quickly that it would cause an immediate and major stink that you would hear about likely even on the news. I've seen updates that had some bugs that MS had to fix quickly but never saw one that someone had tapped into... MS did distribute at one point (this was many years ago) a CD with some information on it to corporate users, and the CD contained a virus. They found it quickly and issued new disks but it is mindboggling how that could have slipped through quality control and how it could have gotten there in the first place. That made the news.

The "Critical Updates" that Windows downloads automatically are OK (and are a good thing) and anything you find that is an important update on the Windows Update page (which only works if you access it from Internet Explorer) (you can ignore the frivolous stuff there like "desktop pattern" themes and things for languages that you don't speak). Also automatic updates that McAfee downloads (or any antivirus software for those following along) are not only OK but are IMPORTANT. If your antivirus software doesn't download updates automatically at regular intervals then you HAVE to do it yourself. At least once a week, more is better. If you don't do that, your antivirus software becomes useless because it can't check for the newest viruses that are going around.

If you are finding that some third party software that you don't recognize is downloading something, let me know and we'll see if it is something OK or something nasty.
[*]Bringing the thing in to someone is probably a good idea. I really wish I was nearby, I know I could take care of this for you, it is just difficult without being able to see and "poke around" myself there.

I'm still willing to keep trying as long as you are though. If you want to give me a status report as to what exactly is happening now, what error messages and when they occur, and anything else that is suspicious or flaky.

Maybe also give me a list of everything listed on that startup tab in msconfig. If it is a long list you may have to decide whether it is worth typing it or if it would just be easier to bring the machine in. I can see if I can find something that will capture it to a file automatically maybe. It is going to be harder for you to type than for me to read so don't worry about my end. I would only want the two columns that say "startup item" and "command".
[*]If you do bring the machine in, find someone you trust. Not everyone knows what they are doing. You don't want to pay someone to have it look like it is fixed because they poked around until they fixed the symptoms without curing the root problem. It may be tricky to get a warranty for that. If popups reappear in a few weeks they may claim that they fixed it and you downloaded the popup stuff again... and to be honest there isn't much way to be sure that that isn't what happened, they come from such unexpected places.
[*]There is a very recent Windows update, a BIG one, called "service pack 2" (SP2)... large and a long download. It has a LOT of changes toward system security, including a revamped firewall and some things to prevent popups from installing themselves.

After installing SP2 you may notice some system changes. The new firewall is a good one that monitors whenever ANYTHING tries to connect to your computer. So it is almost certain that it will come up when you try to use certain pieces of software, and you will have to decide whether to let it connect or not. It also may inhibit the operation of some games, a lot of games now use the internet for gameplay.

I waited a bit to install SP2 to see if others had problems, but I've had it installed for I think 2 weeks now? Maybe 3? with no problems whatsoever with any of my software, not my "common software" or my graphics software. I don't have ANY games installed here though so I can't speak to how those might be affected.

-- The world is what we make of it --
-- Dave
-- www.idexter.com
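
The location check from the iexplore.exe item in the post above, as an added example that is not part of the original post: it sorts search hits for iexplore.exe into the expected install folder, a copy sitting directly in the system directory, and everything else for manual review. The function names and the sample paths are assumptions constructed for illustration.

```python
import os
from pathlib import PureWindowsPath

TARGET = "iexplore.exe"
# Folder the post gives for the legitimate copy (drive letter ignored).
EXPECTED = ("program files", "internet explorer")
# System directories the post names as a likely spyware location.
SYSTEM_DIRS = {("windows", "system"), ("windows", "system32")}

def classify(path):
    """Label one search hit: 'expected', 'suspicious' or 'review'."""
    p = PureWindowsPath(path)
    if p.name.lower() != TARGET:
        raise ValueError("not a %s path: %r" % (TARGET, path))
    # Windows paths are case-insensitive; drop the drive/root anchor.
    dirs = tuple(part.lower() for part in p.parent.parts if part != p.anchor)
    if dirs == EXPECTED:
        return "expected"
    # Only a copy sitting directly in the system directory is flagged;
    # subfolders and any other location are left for a person to judge.
    if dirs in SYSTEM_DIRS:
        return "suspicious"
    return "review"

def triage(paths):
    """Group search hits by label so the odd ones stand out."""
    groups = {"expected": [], "suspicious": [], "review": []}
    for path in paths:
        groups[classify(path)].append(path)
    return groups

def scan(root):
    """Walk a drive or folder and return every file named iexplore.exe."""
    hits = []
    for folder, _subdirs, files in os.walk(root):
        hits.extend(os.path.join(folder, f) for f in files if f.lower() == TARGET)
    return hits

# Constructed sample hits (not taken from the post or any real machine).
SAMPLE_HITS = [
    r"C:\Program Files\Internet Explorer\iexplore.exe",
    r"C:\WINDOWS\system32\IEXPLORE.EXE",
    r"C:\WINDOWS\system32\dllcache\iexplore.exe",
    r"D:\Backup\install\iexplore.exe",
]

if __name__ == "__main__":
    for label, found in triage(SAMPLE_HITS).items():
        print(label, found)
```

On a real Windows machine, `triage(scan("C:\\"))` runs the same check against the actual disk; nothing is deleted, the result is only a list to look at.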