close

Privacy guaranteed - Your email is not shared with anyone.

IEXPLORE.EXE virus

Discussion in 'Tech Talk' started by jolt8me, Sep 19, 2008.


  1. jolt8me

    jolt8me
    Expand Collapse
    Your the devil

    Joined:
    May 9, 2004
    188
    0
    Location:
    Michigan
    I got hit with a virus. Its supposed to look like a virus scanner and tells you that you have this many viruses on your computer and to but their software to fix it. Along with the pop up it changes your background and screen saver to make it appear that you have a virus. Along with that it also Hijacks your browser and points it to weird places "like yellow book". Well I fixed almost everything and i am pretty sure i got rid of the virus. Now when i boot up i have "IEXPLORE.EXE" running on bootup. I know its supposed to look like internet explorer but its not. I am pretty sure this is the browser hijack componet of the virus. Any ideas on how to get rid of this process? I have ran virus scanners up the butt and have come back with nothing.
     

    Wanna kill these ads? We can help!
  2. d3athp3nguin

    d3athp3nguin
    Expand Collapse

    Joined:
    Aug 7, 2007
    629
    0
    REFORMAT!

    (sorry, reflex response to anyone hit with a Windows virus.)

    If you have run lots of 3rd party apps like Smitfraudfix, AdAware, Spybot... and your AV client doesn't work, then it may be easier to simply try a reinstall of Windows. I don't mean to discourage your virus removal efforts, but I have encountered a number of Windows viruses that ravage one's computer beyond repair once they get as far as changing your desktop backgroud. I've seen some that deny you privileges to run in safe mode!

    Sounds like that one is using a rootkit to hide itself. Trying to remember any good ways aside from the above to yank out those rootkits...
     

  3. jolt8me

    jolt8me
    Expand Collapse
    Your the devil

    Joined:
    May 9, 2004
    188
    0
    Location:
    Michigan
    haha reformat. Thats the blanket answer from tech support. Sadly, I think i might have to do that if I Cant get rid of it.
     
  4. citori59

    citori59
    Expand Collapse
    Lock Guru

    Joined:
    Apr 11, 2006
    558
    0
    Location:
    Altoona, Pennsylvania
    I had a similar problem a few weeks ago. The security stuff my broadband provider didn't stop it and couldn't find it and spybot was useless. I tried something called stopzilla (www.stopzilla.com) and it found 181 viruses, spyware, malware, etc. For 20 bucks my computer was fixed and is running better than it ever has.
     
  5. srhoades

    srhoades
    Expand Collapse

    Joined:
    Jul 14, 2000
    2,797
    10
    Combofix, and then smitfraud fix. Don't worry if the background is still all whack, just change it as normal when all is done.
     
  6. Tinamil

    Tinamil
    Expand Collapse

    Joined:
    Jan 3, 2007
    299
    0
    Location:
    Fort Hood
    There are several free and very good utilities to run that will clean up your computer.

    Spyware Cleanup, run all 3 if you are currently infested, just keep running and restarting your computer over and over until it comes up clean from all 3 applications:
    Windows Defender
    Ad-aware
    Spybot S&D

    Antivirus, pick one:
    AVG
    Avast!
    ClamWin
     
  7. kahrguy

    kahrguy
    Expand Collapse

    Joined:
    Sep 3, 2004
    310
    0
    I had bad experience with (www.stopzilla.com) I was unable to uninstall it
    with out buying it,had to go to system restore to do it.
     
  8. jolt8me

    jolt8me
    Expand Collapse
    Your the devil

    Joined:
    May 9, 2004
    188
    0
    Location:
    Michigan
    I am pretty sure i got rid of it. Everything seems to be working fine now. The only one that was able to find it was Malwarebytes, Everything else missed it. For future reference for other people, these are the files missed by everything else.
    C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent)
    C:\WINDOWS\system32\tdssl.dll (Trojan.Agent)
    C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent)
    C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent)
    C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent)
    C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent)
    C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent)
    C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent)