Solved

Internet Explorer Opens By Itself

Posted on 2004-09-18
10
1,033 Views
Last Modified: 2008-01-09
Internet Explorer Opens By Itself to a page I have never been to before, currently www.lapublichealth.net, I uninstalled Internet Explorer, but it still pops up, I have run
Spybot Search and Destory
Adware 6.0 professional
Stopzilla
Hijackthis
Aboutblaster
Panicware pop up Stopper

This computer is a fresh install, I installled an update antivirus before going onto internet.
W2K Professional
Service Pack 4
Was in in the process of installing the final Critical updates and it started happening.

Please Help, it is not a virus but some sort of hack.

Mark
New Zealand
0
Comment
Question by:markskin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 49

Assisted Solution

by:sunray_2003
sunray_2003 earned 216 total points
ID: 12091444
Hi markskin,

How were you installing the critical updates using Internet explorer or through the internal automatic update program ?

After a fresh install , did you uninstall internet explorer fully ?  

When does IE actually start ?

SR..
0
 
LVL 27

Assisted Solution

by:Asta Cu
Asta Cu earned 213 total points
ID: 12091758
I've found that using AdAware Pro SE with all updates, doing deep scanning (including the HOSTS file), along with Spybot S&D (most current including updates and the Immunize function), work well together to find hidden problems.  Have you tried posting the HijackThis results to this free analyzer for some "hints", though I'd caution you to not automatically take actions as a result of this if you're unclear about the results.  Here is a central repository link where our Experts have shared their insights on fighting malware/spyware intrusions with links and recommendations:
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html

This is the HijackThis log analyzer site (choose your language) and post your log into this analytical tool to see what "may" be noted as problems.  Post only those issues here that may need expert review, versus the entire log.  Often the end-user knows best what programs may be called potential problems, but knows they are not, so taking general actions to remove any possibilities can cause great problems.
http://www.hijackthis.de/index.php?langselect=english
0
 
LVL 27

Assisted Solution

by:Asta Cu
Asta Cu earned 213 total points
ID: 12091768
I'd also again revisit the WIndowsUpdate site, choose the HELP and SUPPORT function on the left panel for your environment, and check the WindowsUpdate Troubleshooter link.
0
Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

 

Author Comment

by:markskin
ID: 12093721
I was doing my automatic updates via Internet Explorer, I only uninstalled IE because I thought it might clear up the problem, <<<wrong hehe.

I am at work ATM, so I will try some of your fix's when I get home.
0
 
LVL 49

Assisted Solution

by:sunray_2003
sunray_2003 earned 216 total points
ID: 12093744
0
 

Author Comment

by:markskin
ID: 12094062
I just found 2 exe's in the root of my C: Drive
"ie.exe"
"iea.exe"
And they keep trying to run on my computer, it looks like it is trying to run a DOS screen, and I get a error message asking me:

C:\iea.exe
c:\winnt\system32\autoexec.nt. The system is not suitable for running MS-DOS and Microsoft Windows Applications. Choose Close to terminate the application.

The Plot thickens.
Somehow I also had 180 Search Assistant installed on my Computer, considering all I did was install critical updates and visit no other websites, looks like I got attacked.

Hmmmm whats Winad Client?, uninstalled this as well.

Things look to have settled down, I am using Netscape for the time being (first time in 5 years) .



0
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 216 total points
ID: 12094074
iexplore.exe is the exe file for IE.
I am not aware of ie.exe nor iea.exe .. I donot think they are related to IE .

0
 
LVL 4

Assisted Solution

by:avi247
avi247 earned 71 total points
ID: 12094363
Under C:\WinNT\repair, there is a copy of autoexec.nt
Copy it over to the system32 directory.
Refer:
http://forums.vnunet.com/thread.jsp?forum=10&thread=37001&message=205112


I am not sure if ie.exe and\or iea.exe are part of any of the "anti spyware" packages that you installed. If you know that they weren't installed by these apps then..
1. Do a search on your drives for ie.exe and iea.exe and rename all instances you find to <filename>.bak or so.
2. Go to Start>Run>Type regedit in the Run box. This opens up the registry.
** Backup your registry before any modifications. Select My computer, then click Registry on the menu>Export Registry File**
Navigate to HKEY_Local_MACHINE>Software>Microsoft>Windows>CurrentVersion
3. Look for the above files under Run and RunOnce SubDirectories. If you find any reference to the above files, select it, Right click and select Modify. Then rename the file to <filename>.bak again
4. Do a search for the above files using Edit>Find. Rename any hits.
5. Repeat 1,3,4 for Search Assistant also.

If you are not sure if they were installed by these apps then
1. Search and rename these files. Start each of the anti-spyware apps and see if they throw an error.
2. Right click on those exes, go to Properties> Version tab and see what it says in Copyright.
You may now get an identity of the source (although this can be spoofed).

HTH.
0
 
LVL 27

Assisted Solution

by:Asta Cu
Asta Cu earned 213 total points
ID: 12096421
On the Winad Client, see quite a few hits on google that point to problems and intrustions, as noted here:
http://www.google.com/search?hl=en&ie=UTF-8&q=winad+client&btnG=Google+Search
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12243802
Thank you, happy we could be of some help to you.
Best wishes,
":0) Asta
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I spend far too much time on the web keeping up with the news: politics, the environment, computer stuff, the Experts Exchange. It's never-ending. But many of the most informative web pages are overwhelmed with noise: scrolling banners, flashing tex…
After uninstalling Opera browser (for example ver. 10.63), your attempts to open a web page by clicking on a URL link may fail with an error message.  The error is "This operation has been canceled due to restrictions in effect on this computer. Ple…
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question