Damned IExplore.exe virus

Toggle sidebar Toggle sidebar
J

jae

Golden Member
Jul 31, 2001
1,034
0
76
www.facebook.com
For some reason I can't get rid of this iexplore.exe virus on my Aunt's computer. Its the one with the invisible ads. Every 5-10mins two iexplore.exe process will start. The parent is an legit svchost.exe. Ofcourse if you kill iexplore.exe and try to delete it, it just reappears. This all happened after she got the Windows Recovery virus.

I have her running Avira now, she was running MSE before. Nothing will get rid of this iexplore issue. It even starts up in safe mode! I've tried Avira, MBAM, ESet Online, SuperAntiSpyware, Spybot S&D, and some small tools from bleepingcomputer.
 
airdata

airdata

Diamond Member
Jul 11, 2010
4,987
0
0
Have you tried resetting the browser ?

Try using an updated hosts file, and try running a scan with hitman pro ( surfright.nl ).
 
Z

Zargon

Lifer
Nov 3, 2009
12,218
2
76
system restore?

I've been cleaning the fakesysdef virus alot and I've had to use kaperskys boot disc to get it clean enough to do system restore
 
J

jae

Golden Member
Jul 31, 2001
1,034
0
76
www.facebook.com
I had tried resetting IE8 and reinstalling it yesterday night, which didnt work.

After finding out the virus was called Whistle Blower, I found a tool by kaspersky that 'cured' it 15-20 mins after I made this thread; tdss.exe I think it was called.

Volsnap.sys was infected. Avira claimed it repaired this file yesterday.. but it lied! Lol

Sent from my PC36100 using Tapatalk
 
C

chemwiz

Senior member
Mar 8, 2000
848
1
81
Glad you mentioned that, I see it's made for Vista and Win 7 64bit now. Thanks LiuKangBakinPie!
 
LiuKangBakinPie

LiuKangBakinPie

Diamond Member
Jan 31, 2011
3,903
0
0
chemwiz said:
Glad you mentioned that, I see it's made for Vista and Win 7 64bit now. Thanks LiuKangBakinPie!
Click to expand...

no problem mate. Thought the same thing couple of months back until I got told the same lol.

But remember to patch up the exploits first before running a scanner. Otherwise the open door is still there
 
LiuKangBakinPie

LiuKangBakinPie

Diamond Member
Jan 31, 2011
3,903
0
0
jae said:
I had tried resetting IE8 and reinstalling it yesterday night, which didnt work.

After finding out the virus was called Whistle Blower, I found a tool by kaspersky that 'cured' it 15-20 mins after I made this thread; tdss.exe I think it was called.

Volsnap.sys was infected. Avira claimed it repaired this file yesterday.. but it lied! Lol

Sent from my PC36100 using Tapatalk
Click to expand...

no it didn't lie. That utilities remove rootkits. But it doesn't remove infections thats hiding in the system restore.
Did you manage to remove it? If not run hijack this and post the log so I can have a look at it
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom