re: belgiandip.com Sunday, March 21, 2004 at 3:00 pm Windows XP Annoyances Discussion Forum Posted by Jay (1 messages posted) I just got rid of it today with the help of the guys at lurkhere.com. The files that caused trouble were: PUP.EXE, GSH400J.EXE and FWD.EXE. I ran McAfee updated 6.0 and got them. McAfee could not remove FWD.EXE so I did the manual removal goint to Windows/System. These files were installed on Windows/System, not on Windows/System32. You all should try to get the program "hijack this" it will scan your system activity and report on everything you may need to id these type of viruses. Good luck to all. On Monday, March 15, 2004 at 1:44 pm, Vinny wrote: >I think I FINALLY fixed it. Using security task manager I found a program running >called roctexep.exe that looked funny to me. I quarantined it and have opened and >closed I.E. many many times with no pop-ups. Then I re-booted a few times and did >the same just to see if would re-materialize from another program I may have missed, >so far, so good (knock on wood) thanks again for all of your help. > > > >On Monday, March 15, 2004 at 1:04 pm, Tim wrote: >>Hmmm... You certainly have a perplexing infestation then. It doesn't make any >sense >>that you don't have a file on your machine like we would expect. I'm a bit at >a >>loss, but I'll try a couple more suggestions. First, I did see someone say that >>the latest version, dated yesterday, of Ad-aware will get this. If so, you can >get >>it for free at www.lavasoftusa.com. Also, you might want to download and run Hijack >>This. It won't fix this problem itself, but it might help clean up junk that came >>along at the same time. I found that when I got this thing, my computer had been >>directed to a site called achtungachtung (not typing it as a url, for obvious reasons) >>that downloads a trojan onto your computer. Also, I got directed to something like >>default-network-homepage or similar that brought up lots of junk too. I have no >>idea how my computer got sent to those places in the first place but I suspect it >>had something to do with the Windows messenger service before I could disable it. >> Anyway, my point is you need to check to see it there is more to clean up than >just >>the belgiandip problem. This takes virus scanning and registry clean up to fix >everything. >> OK, back to your problem at hand. >> >>This may be a bit drudgerous and it is a bit risky (not overly so), but what I personally >>would do is try to find the program in the task manager that is causing this... > >>Bring up the task manager and go to the Processes tab. Go down the list of every >>process that is running (you can obviously ignore things like SYSTEM, SYSTEM IDLE >>PROCESS, and svchost.exe and anything else that you are absolutely 100% sure is >>part of Windows and supposed to be there, but if in doubt, include it in what I'm >>about to suggest). For each listed process, open a search window and search for >>the .exe file on your machine. For example, if you wanted to check it anyway, you'd >>search for svchost.exe (obviously it will take a little while for your machine to >>search for each file, that's the drudgery part). Once you find each file, right >>click (DON'T double-click) and select Properties. Check out the description field >>contents and then click the version tab and make sure that the company listed is >>Microsoft, or someone you know you should be running software from like Symantec, >>Real Networks, etc. depending on what all you have on your machine. I bet you'll >>eventually find something that looks suspicious and I even expect you'll find "totempole" >>in the company field. Anyway, once you find something suspicious, you can try killing >>the process and see if your problem goes away. Of course, this is the risky part, >>if you have chosen badly, you could crash your machine, but this is probably not >>a high risk, even if you do. Of course, make sure you write that process name down >>before you kill it so you can then search for it again and delete it and clean your >>registry as we discussed before. Maybe someone else will have a simpler solution, >>but that's the best I can up with at this point. Good Luck! > Written in response to: re: belgiandip.com (Vinny: Monday, March 15, 2004 at 1:44 pm) There are presently no replies to this message. All messages in this thread [show all] belgiandip.com (BT: Wed, Dec 17, 2003, 4:01 pm) re: belgiandip.com (MBUSA: Wed, Dec 17, 2003, 4:17 pm) re: belgiandip.com (MBUSA: Wed, Dec 17, 2003, 4:18 pm) re: belgiandip.com (BT: Wed, Dec 17, 2003, 8:18 pm) re: belgiandip.com (werner: Thu, Dec 18, 2003, 2:52 pm) re: McAfee Popups on desktop when booting (Hazel B. Senn: Wed, Mar 30, 2005, 11:28 am) re: McAfee Popups on desktop when booting (Falcon: Wed, Mar 30, 2005, 12:09 pm) re: belgiandip.com (BT: Fri, Dec 19, 2003, 3:27 pm) re: belgiandip.com (THANKYOU!!!: Sun, Mar 21, 2004, 8:38 pm) re: belgiandip.com (L Esl: Wed, Dec 17, 2003, 4:25 pm) re: belgiandip.com (werner: Wed, Dec 17, 2003, 4:30 pm) re: belgiandip.com (werner: Thu, Dec 18, 2003, 12:24 pm) re: belgiandip.com (Jazz: Thu, Dec 18, 2003, 9:52 am) re: belgiandip.com (S: Fri, Apr 9, 2004, 8:10 pm) re: belgiandip.com (Johannes Drescher: Sun, Feb 8, 2004, 7:26 am) re: belgiandip.com (Sleepy: Mon, Mar 29, 2004, 6:42 pm) update on files to delete (mero: Mon, May 24, 2004, 11:57 am) re: belgiandip.com (Cyber Spyder: Mon, Mar 1, 2004, 12:23 am) re: belgiandip.com (Mike: Wed, Mar 3, 2004, 11:06 am) re: belgiandip.com (dubyadee: Fri, Mar 5, 2004, 5:42 pm) re: belgiandip.com (Cyber Spyder: Fri, Mar 5, 2004, 8:55 pm) re: belgiandip.com (Korben: Fri, Apr 9, 2004, 7:41 am) re: belgiandip.com (ruben lima: Wed, Apr 21, 2004, 1:06 pm) re: belgiandip.com - Yet another person who needs help... (Bri: Sun, May 2, 2004, 11:44 am) re: belgiandip.com - New Name (Shaunabobauna: Mon, Apr 12, 2004, 9:43 pm) re: belgiandip.com - New Name (Dennis: Fri, Apr 16, 2004, 11:44 am) re: belgiandip.com (Quoc Nguyen: Fri, Mar 5, 2004, 8:57 pm) re: belgiandip.com (ray: Sat, Mar 6, 2004, 9:12 pm) re: belgiandip.com (Cyber Spyder: Sat, Mar 6, 2004, 11:28 pm) re: belgiandip.com (ray: Sun, Mar 7, 2004, 2:42 pm) re: belgiandip.com (Cyber Spyder: Mon, Mar 8, 2004, 1:30 am) re: belgiandip.com (Erika: Mon, Mar 8, 2004, 9:09 am) re: belgiandip.com (Cyber Spyder: Mon, Mar 8, 2004, 7:18 pm) re: belgiandip.com (Erika: Mon, Mar 8, 2004, 7:45 pm) re: belgiandip.com (ray: Mon, Mar 8, 2004, 7:57 pm) re: belgiandip.com (Cyber Spyder: Mon, Mar 8, 2004, 11:17 pm) re: belgiandip.com (Nancy: Tue, Mar 9, 2004, 4:34 am) re: belgiandip.com (Iain Reid: Tue, Apr 13, 2004, 4:24 am) re: belgiandip.com (Ray: Tue, Apr 13, 2004, 12:37 pm) re: belgiandip.com (Ray: Tue, Apr 13, 2004, 2:14 pm) re: belgiandip.com (Mike: Wed, Apr 14, 2004, 1:08 am) re: belgiandip.com (Erika: Sun, Mar 7, 2004, 2:46 pm) re: belgiandip.com (Mike: Mon, Mar 8, 2004, 9:24 am) re: belgiandip.com (will: Sun, Apr 11, 2004, 6:28 pm) re: belgiandip.com (will: Sun, Apr 11, 2004, 6:36 pm) re: belgiandip.com (kuLLy: Thu, Apr 15, 2004, 12:58 pm) re: belgiandip.com fixed (chaff_salvo: Wed, Mar 10, 2004, 6:06 pm) re: belgiandip.com EASY SOLUTION (Anonymous: Tue, Mar 9, 2004, 9:46 pm) re: belgiandip.com EASY SOLUTION (Jerry: Sat, Apr 17, 2004, 10:58 am) re: belgiandip.com EASY SOLUTION (skippy: Sun, Apr 18, 2004, 12:18 am) re: belgiandip.com EASY SOLUTION (Fluff: Sun, Apr 18, 2004, 8:51 am) re: belgiandip.com residual problem (Mike Lowry: Sun, May 30, 2004, 3:35 pm) re: belgiandip.com residual problem (CrazyTalk: Wed, Jun 2, 2004, 4:04 pm) re: belgiandip.com residual problem (Mandy: Tue, Jul 13, 2004, 6:51 am) re: belgiandip.com residual problem (Charles: Wed, Sep 8, 2004, 10:45 pm) re: belgiandip.com EASY SOLUTION (Muzlhed: Fri, Jun 25, 2004, 2:04 pm) re: belgiandip.com EASY SOLUTION (Diane: Tue, May 4, 2004, 12:45 pm) re: belgiandip.com EASY SOLUTION (joel: Sun, May 9, 2004, 10:10 am) re: belgiandip.com EASY SOLUTION (Mike Duffy: Sun, May 9, 2004, 8:43 am) re: belgiandip.com EASY SOLUTION (Pat: Sun, May 9, 2004, 4:28 pm) re: belgiandip.com EASY SOLUTION:pat (Nathan Griffin: Sun, May 9, 2004, 10:59 pm) re: belgiandip.com EASY SOLUTION:pat (Pat: Mon, May 10, 2004, 7:25 am) re: belgiandip.com EASY SOLUTION:pat (Sara: Tue, May 11, 2004, 7:18 pm) re: belgiandip.com EASY SOLUTION:pat (John Naughton: Fri, May 14, 2004, 8:53 pm) re: belgiandip.com EASY SOLUTION (Faulco: Mon, May 10, 2004, 12:15 am) i found a way to rid of it (jason: Tue, May 11, 2004, 5:10 pm) More Information (Harry May: Fri, Jul 2, 2004, 7:56 am) belgiandip.com :S! (Fernando: Sun, May 16, 2004, 3:08 pm) re: belgiandip.com :S! (Lindsay: Tue, May 18, 2004, 6:54 am) re: belgiandip.com EASY SOLUTION (archie: Sun, May 23, 2004, 11:12 pm) re: belgiandip.com EASY SOLUTION (VICTOR: Mon, May 24, 2004, 3:36 pm) re: belgiandip.com EASY SOLUTION (Jess: Sat, Jun 12, 2004, 5:10 pm) re: belgiandip.com (VelociRapture: Wed, Mar 10, 2004, 8:29 am) re: belgiandip.com (MrDroid: Mon, Mar 22, 2004, 5:07 pm) re: belgiandip.com (iCQ: Mon, Mar 29, 2004, 5:50 pm) re: belgiandip.com (Charles: Sat, Apr 10, 2004, 8:43 pm) re: belgiandip.com (Trippy: Tue, Apr 6, 2004, 2:05 am) re: belgiandip.com (Phoenix: Sat, Apr 10, 2004, 3:40 am) re: belgiandip.com (Mathew : Mon, Apr 12, 2004, 11:40 pm) re: belgiandip.com (attorney bo schimers: Mon, Mar 8, 2004, 3:46 pm) re: belgiandip.com (Nancy: Tue, Mar 9, 2004, 4:21 am) re: belgiandip.com (andrea mauer: Sun, Mar 14, 2004, 6:47 pm) re: belgiandip.com (Vinny: Mon, Mar 15, 2004, 8:15 am) re: belgiandip.com (Tim: Mon, Mar 15, 2004, 11:17 am) re: belgiandip.com (Vinny: Mon, Mar 15, 2004, 12:38 pm) re: belgiandip.com (Tim: Mon, Mar 15, 2004, 1:04 pm) re: belgiandip.com (Vinny: Mon, Mar 15, 2004, 1:44 pm) re: belgiandip.com (Jay: Sun, Mar 21, 2004, 3:00 pm) re: belgiandip.com (Kristiana: Fri, Apr 9, 2004, 11:32 am) re: belgiandip.com (Jim: Fri, Apr 2, 2004, 9:24 pm) re: belgiandip.com (David: Sat, Apr 10, 2004, 8:59 am) re: belgiandip.com (PossumJenkins: Sat, Apr 10, 2004, 12:11 pm) re: belgiandip.com (Derek: Sun, Apr 11, 2004, 8:11 pm) re: belgiandip.com (e: Sun, Apr 11, 2004, 9:46 pm) re: belgiandip.com (Francis: Sat, Apr 10, 2004, 1:26 pm) re: belgiandip.com THIS WILL WORK!!! (eric: Sat, Apr 10, 2004, 6:37 pm) re: belgiandip.com THIS WILL WORK!!! (stephen nesbitt: Thu, Apr 15, 2004, 1:01 pm) re: belgiandip.com (monica: Sun, Apr 11, 2004, 2:01 am) re: belgiandip.com (D Ho: Sun, Apr 11, 2004, 8:13 pm) re: belgiandip.com (Thomas: Mon, Apr 12, 2004, 3:47 pm) re: belgiandip.com (ju: Wed, Apr 14, 2004, 5:09 am) re: belgiandip.com (callix: Wed, Apr 14, 2004, 5:43 am) re: belgiandip.com (ju: Wed, Apr 14, 2004, 6:25 am) re: belgiandip.com (Terence: Fri, Apr 16, 2004, 8:36 am) re: belgiandip.com (Acrobaze: Fri, Apr 16, 2004, 2:41 pm) re: belgiandip.com NEW INFO (Anonymous: Fri, Apr 16, 2004, 6:18 pm) re: belgiandip.com NEW INFO (Jenni: Thu, Apr 22, 2004, 12:49 pm) re: belgiandip.com NEW INFO (Mark: Fri, Apr 30, 2004, 6:10 pm) re: belgiandip.com NEW INFO (CLR: Fri, Apr 30, 2004, 11:12 pm) belgiandip.com - programs by totempole (Jay: Sat, May 1, 2004, 4:00 pm) re: belgiandip.com - programs by totempole (John Naughton: Sat, May 1, 2004, 8:36 pm) re: belgiandip.com - programs by totempole (Akashan: Mon, Jun 21, 2004, 8:41 pm) re: belgiandip.com A SIMPLE SOLUTION!!! (Jack: Sat, Apr 17, 2004, 7:40 am) re: belgiandip.com A SIMPLE SOLUTION!!! (Konrad Adenauer: Sun, Apr 18, 2004, 2:19 pm) re: belgiandip.com A SIMPLE SOLUTION!!! (John Naughton: Wed, Apr 21, 2004, 5:47 pm) re: belgiandip.com A SIMPLE SOLUTION!!! (olivier: Sat, Jul 3, 2004, 5:23 am) re: belgiandip.com A SIMPLE SOLUTION!!! (Rob Leslie: Mon, Apr 26, 2004, 8:29 am) re: belgiandip.com A SIMPLE SOLUTION!!! (Stuart: Thu, Jul 1, 2004, 9:11 am) re: belgiandip.com A SIMPLE SOLUTION!!! (David Barbee: Wed, Sep 22, 2004, 9:51 am) re: belgiandip.com: Mutated / Migrated? ow32w.exe (u660699: Wed, Apr 21, 2004, 5:34 pm) re: belgiandip.com: Mutated / Migrated? ow32w.exe (ccam: Sat, Nov 13, 2004, 8:42 pm) Reply or follow-up to this message Search this forum Start a new thread on a different subject Report abuse of the forum Return to the Windows XP Discussion Forum