PDA

View Full Version : I have a problem



Davidflude
12-11-2009, 03:12 PM
My virus checker and firewall is reporting attempts to alter Windows Explorer settings and my registry file. I never but never use Windows Explorer only Firefox and Opera.

Can anyone suggest what the problem is and how to fix it

Thank you

Ian Murray
12-11-2009, 03:38 PM
My virus checker and firewall is reporting attempts to alter Windows Explorer settings and my registry file. I never but never use Windows Explorer only Firefox and Opera.

Can anyone suggest what the problem is and how to fix it

Thank you
Just another hijack attempt by the sound of it. Run a malware scanner alongside your anti-virus and see what comes up.

Independent testing rates Advanced System Protector as the most effective, at 99.4% detection. Freeware download at http://download.cnet.com/Advanced-System-Protector-Personal-Edition/3000-8022_4-10904375.html

Spiny Norman
12-11-2009, 05:55 PM
David, FYI, if you run any version of Windows since around about Windows 95 (this means Windows 2000, XP, Vista, etc) then you are running Explorer. Windows Explorer is the software that, amongst other things, is used to allow you to look for files on your PC, it displays the Taskbar at the bottom of your screen where you can switch between programs and so on.

I think you may therefore be confusing Windows Explorer with Internet Explorer, which is another piece of software altogether and is used for web browsing.

If you are getting virus warning messages about Windows Explorer, that is a very serious matter indeed. If the messages are about Internet Explorer, its less serious, but still serious enough (e.g. the guts of Internet Explorer is used right through the operating system in Windows 2000, XP and Vista in order to display any HTML content, such as in Microsoft Word and so on).

As recommended by Ian, get a good malware scanner. Better yet, get two. Only get reputable ones. Google them before downloading and installing, so you can get an idea of whether they are likely to help, as some of them are loaded themselves with malware and will infect your PC!

Ian Murray
12-11-2009, 06:19 PM
Good advice by TSK. I run two - ASP and Malwarebytes Anti-Malware (http://www.malwarebytes.org/mbam.php). Both are safe and non-intrusive.

Spiny Norman
12-11-2009, 06:51 PM
I've been running AVG Internet Security (a paid version) for a couple of years now. I've been very happy with it EXCEPT that I really hate the firewall component, so I have been relying just on Windows Firewall. Given that my PC is behind an ADSL router, the risk would be minimal.

I've not felt the need for an additional spyware/malware scanner/remover before, however on Ian's recommendation I am now downloading Advanced System Protector and will give it a run across my system. Will be interesting to see what it finds, given that I have AVG protection already in place.

One other tool that can be very, very helpful: Trend Micro, a very reputable antivirus company, run an online antivirus/antispyware scanner thingy called Housecall. In situations where a PC is compromised, as long as you can get a web browser session running, you can get an antivirus/antispyware scan done by visiting:

http://housecall.trendmicro.com/au/

Ian Murray
12-11-2009, 07:42 PM
...I've not felt the need for an additional spyware/malware scanner/remover before, however on Ian's recommendation I am now downloading Advanced System Protector and will give it a run across my system. Will be interesting to see what it finds, given that I have AVG protection already in place.

One other tool that can be very, very helpful: Trend Micro, a very reputable antivirus company, run an online antivirus/antispyware scanner thingy called Housecall. In situations where a PC is compromised, as long as you can get a web browser session running, you can get an antivirus/antispyware scan done by visiting:

http://housecall.trendmicro.com/au/
On my last computer, I started getting returned bounced emails, being porn spam sent to Russian and Italian addresses, from my email address but which, I hasten to add, I had not sent. Obviously I'd been botted. I was even blacklisted by Hotmail.

Now I adopt a belt-and-braces approach. I run Panda AV/firewall and spot check with ASP and Malwarebytes. No one shield stops them all, but (fingers crossed) what gets missed on the swings gets picked up on the roundabout.

I was running Trend Micro's RUBotted which was flagging a nasty, but Housecall was freezing before completion. In any case it is very slow - the others are much faster.

Igor_Goldenberg
13-11-2009, 02:28 PM
On my last computer, I started getting returned bounced emails, being porn spam sent to Russian and Italian addresses, from my email address but which, I hasten to add, I had not sent. Obviously I'd been botted. I was even blacklisted by Hotmail.


It is quite possible that your computer wasn't even compromised. Someone might be spamming with you email as return address (requires some fiddling, but quite doable).

Tony Dowden
31-01-2010, 06:24 AM
I don't have a problem.

This is just to bury that (crass to non-techies) i-tampon/pad sub-heading under at least one layer ...