Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

iexplore.exe opens by itself but no ie window visible. Only visible in task manager.

Posted on 2009-03-31
12
Medium Priority
?
1,966 Views
Last Modified: 2012-05-06
I beleive my internet explorer is hijacked. iexplore.exe will open by itself but can only be seen in the task manager and no visible window will be seen. Also when this happens, i go to google.com and do a search, it hijacks the result links when i click them.

Has anybody seen this issue before?
0
Comment
Question by:integservices
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +3
12 Comments
 
LVL 27

Expert Comment

by:David-Howard
ID: 24035452
Try to download (onto a thumbdrive, etc.) these two programs. They are very small, free and may resolved the issue.
www.malwarebytes.org
http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html
Once downloaded, boot into Safe Mode (F8 at startup) and run HiJackThis. Save the log file. Post the log file here for analysis or at www.hijackthis.de 
Items marked with Red X's are normally listed as dangerous and should be removed.
Run Malwarebytes as well in Safe Mode.
You might also try logging on to the system as a different user and trying to get IE access. Sometimes the malware that installs itself on a system does not affect every profile.
0
 
LVL 4

Expert Comment

by:Compnecessity1
ID: 24035595
Scan for spyware as David- Howard said.  Is this a Unveristy computer?
0
 

Author Comment

by:integservices
ID: 24035657
It's not a university computer. I will try the malwarebytes.

So far I tried, AVG, spybot, windows defender and Trend's SysClean. All of them came up with nothing.

0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 66

Accepted Solution

by:
johnb6767 earned 2000 total points
ID: 24035705
Did you try them in Safe Mode?

RootRepeal - RootRepeal - Rootkit Detector
http://rootrepeal.googlepages.com/

Under each tab, hit the Scan button, and see if you get any RED files/services/processes/drivers in the list, or just look for the summary, for any hidden files/services/processes/drivers in the lower left hand corner.....
0
 
LVL 4

Expert Comment

by:Compnecessity1
ID: 24035838
hmmm, suprising none of the spyware programs you tired so far found anything.  Sounds like a worm or tojan.  
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24037193
Hmm.. download SmitFraudFix and do a scan with that in safe mode, if possible:

http://siri.geekstogo.com/SmitfraudFix.php

Hope it helps.

0
 

Author Comment

by:integservices
ID: 24044690
SmitFraudFix did not fix it.

I couldn't even install Malwarebytes. I see in task manager but no installation wizard comes up.

I did get further with RootRepeal. It found traces of the UAC trojan. How do i get rid of this nasty trojan?
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24045174
You would need to rename MalwareBytes and or Combofix before saving to your desktop. Or use another pc to download the tools and rename them before in contact with the infected pc. The nasties blocks the tools from running unless renamed.


Combofix should get rid of it. Rename combofix before saving the download.

Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.



If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
LVL 4

Expert Comment

by:Compnecessity1
ID: 24046284
Find your self a boot CD that you can create, update and scan for spyware.  
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 24046396
Last time I removed it manually by slaving the HDD into another PC, and loading the registry hives to remove the files, and the services..... After that SAS was able to remove the remnants.....

We can revisit this if ComboFix doesnt work....
0
 
LVL 4

Expert Comment

by:Compnecessity1
ID: 24053392
The fix is Linux based.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 24056430
"The fix is Linux based. "

???
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The intent of this Article is to provide the basic First Aid steps for working through most malware infections. The target audience includes experienced IT professionals and the casual user who just wants to make the infection go away. **********…
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question