recurring rogue file

  Trotter2 17:35 02 Aug 2007

Up until recently I was running AVG security on my win XP system but have now changed to Panda. It would seem that while AVG slept my computer was invaded by numerous spyware and phishing programs. these were found by Panda and dealt with quite rapidly. However, I have one rogue file that keeps returning up to three times per day. I've tried to find it manually to no avail but no matter how many times it's deleted, it pops up some hours later. any suggestions please?

  mfletch 17:44 02 Aug 2007

Hi what is the folder?

If its connected to something that is running try stoping the progam first,

If you want to find out what programs are running on your PC and what they do?

Try this!

Then type in the run box services.msc

This will open a window with a list of programs that are on you PC,

And it will tell you if they are running or not,

You can also check what the program does by clicking onto it and a description of
The program will be shown on the left,

This services window also allows you to STOP or START a program and does not remove it
So you can easily STOP or START the program again.

Here is a discription of the sevices window

click here


  Fruit Bat /\0/\ 17:44 02 Aug 2007

What is it?

Never liked Panda as kept giving me false positives and charges for use.

  brundle 18:04 02 Aug 2007

Get HijackThis click here and post your log on here click here

  Trotter2 18:07 02 Aug 2007

The file reads as follows: Application/mywebsearch Hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179} As far as I know I'm not running any program containing this file, but will check it out at first opportunity, thanks mfletch. As for Panda giving false positives - prior to installing it the settings on my computer were being changed so that every time I wanted to go on the web it was asking for dial up addresses ......... even tho I've got broadband! but thanks for your input, Fruit Bat /\0/\

  Fruit Bat /\0/\ 18:17 02 Aug 2007
  Trotter2 10:18 03 Aug 2007

Thanks Fruit Bat /\0/\, but I haven't got 'mywebsearch' anywhere on my computer. Hi mfletch, have tried your suggestion but still can't find this application running anywhere. Thanks brundle, if computer can't find rogue file running how can posting this with HijackThis help? Surely they'll think I'm insane hunting for something which the system says isn't there!

  Seth Haniel 11:25 03 Aug 2007

F3 search for Application/mywebsearch Hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179 - delete it

  mfletch 14:31 03 Aug 2007

Hi, Download this free Regcleaner and look in the first three Software/ Startup/ Uninstall menu,

Is there anything there that relates to the application? if yes put a tick in the box on the left and stop/delete it,

click here

Also try this anti rootkit,

click here

hope this helps you.


  Strawballs 14:38 03 Aug 2007

click here This is one recomended by nellie2

  Trotter2 15:05 03 Aug 2007

have tried to remove manually but can't find location of problem file. will try all other suggestions shortly. thankyou all for your input. it's gratefully received.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

WPA2 hack: How secure is your Wi-Fi?

HP’s new Surface Pro rival is designed specifically for Adobe-using designers and artists

Best kids apps for iPhone & iPad

Que faire si son iPhone ou iPad est tombé dans de l'eau ?