Changing iexplorer.exe to iexplorer.ex_ ?????

Lately, I've been having a lot of problems with random iexplorer ads popping up. Since I use Netscape and Firefox, I don't need IE anymore. Since I don't want to delete it, a friend (w/ A LOT of PC experience) recomended going to My Computer==> C: ==>Program Files==>Internet Explorer.
He then said to change Internet Explorer to iexplorer.ex_ so adware won't be able to summon the program.
However, EVERYTIME I try to change it to iexplorer.ex_ windows makes a new icon saying iexplorer (thus iexplorer.EXE). It refuses to not have an iexplorer.exe in the folder.

HELP!!!!!!!!!!

I think it's adware or simply a Windows config thing that doesnt allow it.

I'm not as knowledgeable about this, so look up threads abut this proble. Or, you can run a program called HiJackThis and I can advise

Best wishes, sw123

you'd really check my hijackthis? should i copy+paste or attach as .txt?

thanks so much (if you check)
and I hate you (if you don't check)

Attach it as a log. See HERE for details

here it is

here it is....
and sorry if its weird, this computer has been killing me :blackeye:

I have moved your thread to the security and the web forum. This is because your computer is infected with all sorts of crap.

Download and run these four tools. Follow the instructions for using each tool.

Tool1 Tool2 Tool3 Tool4

Then, go HERE and follow the instructions for running Ewido.

Post a fresh HJT log, only after doing the above.

Regards Howard

This thread is for the use of miksah2001 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

& btw you can't rename the iexplore.exe file as Internet Explorer is part of the Windows core components. Thank Microsoft for that.

arrrrrgghh

dang it I can't even do the first program you showed, howard....

I'm halfway through doing what the first one says, and I restart the computer in safe mode to purge the PC of a couple of the bad stuff.
but, right after I log in and click OK to continue in safe mode, the icons on the desktop disappear, the start at the bottom disappears, and I'm left to stare at the black desktop w/ "safe mode" written around the edges.

I tried logging off and on a couple times and trying, but it does the same, no matter which account I use, even Administrator...
GGGRRRRRRR

I did Tool1 in normal mode now, I don't know if thats ok or not....

Miksah to start with whatever Monitor your using and graphics card, in Safe mode your Drivers for your graphics and monitor aren't loaded i used to have the same problem but i adjusted the monitor by the buttons on the monitor, if you move the screen up it should show the start bar in safe mode. if not you got other probs

frenzy, thanks for your concern, I understand what you mean, but thats not it.

what happens is that the start appears, along w/ the desktop icons, but then disappear. another person on these threads has the same problem. its most likely that explorer.exe doesnt load....
i think....

ok i'm finally on ewido, but I've reached a problem (i think).
When I'm installing it, I don't see an "additional options". The instruction thread says to UNCHECK two things there, but since I can't find them, should I still contintue?
thanks

:d

linux ftw!

okee dokee here it is

I have my Look2MeDestroyer log and my HijackThis. I can't attach my Ewido log cuz it exceeds the limit of 100kb, its 111.2 kb....

I hope someone can help... puke:

u can compress it with a compressed folder...

Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.


You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

ALCXMNTR.EXE

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {062492AF-392E-479D-BF52-A7A4BCA00307} - C:\WINDOWS\compstuic.dll (file missing)

O2 - BHO: (no name) - {0B5F7FDF-0717-45BF-B49D-695F3168C7FE} - C:\WINDOWS\system32\admparsek.dll (file missing)

O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkkji.dll (file missing)

O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00302} - C:\WINDOWS\system32\adsldpbx.dll (file missing)

O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00303} - C:\WINDOWS\system32\adsldpby.dll (file missing)

O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00304} - C:\WINDOWS\system32\adsldpbz.dll (file missing)

O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00305} - C:\WINDOWS\system32\compstuia.dll (file missing)

O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00306} - C:\WINDOWS\compstuib.dll (file missing)

O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00311} - C:\WINDOWS\compstuig.dll

O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00320} - C:\WINDOWS\system32\compstuif.dll (file missing)

O2 - BHO: (no name) - {DF00FFA0-AEA9-4EA8-A10F-8BB9A7F8508C} - C:\WINDOWS\adsldpbm.dll (file missing)

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll

O15 - Trusted Zone: http://www.amaena.com

O15 - Trusted Zone: http://locator.cdn.imageservr.com

O15 - Trusted Zone: http://scanner.sysprotect.com

O15 - Trusted Zone: http://*.systemdoctor.com

O15 - Trusted Zone: http://www.winantivirus.com

O15 - Trusted Zone: http://www.winantiviruspro.com

O15 - Trusted Zone: http://download.cdn.winsoftware.com

O15 - Trusted IP range: http://202.67.220.225

O15 - Trusted IP range: http://59.148.220.121

O15 - Trusted IP range: http://62.4.84.53

O15 - Trusted IP range: http://82.98.235.58

O15 - Trusted IP range: http://85.12.25.90

O20 - Winlogon Notify: cfgmngr32 - C:\WINDOWS\system32\cfgmngr321.dll (file missing)

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

ALCXMNTR.EXE Search your system for this file and delete all instances of it.

Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted.

This is the filepath you need to enter into killbox.

C:\WINDOWS\compstuig.dll

Once your system has rebooted, turn system restore back on.

Post a fresh HJT log and let me know how your system is running.

Regards Howard

This thread is for the use of miksah2001 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

use the Firefox option to become the DEFAULT browser

leave IE alone, as you will need it for MS Updates

hey howard, I can start doing what you said in your latest post in a couple hours, but I think there's a problem,

remember how I can't fully boot in Safe Mode(see a previous post)? is there a way around that?
Sorry if this sounds stupid, but I haven't read the tutorials yet....

Cheers

and jobeard, Firefox IS my default browser, the spyware just uses IE cuz I guess it infected that one. I don't have to necessarily be using IE at the time for the popups to come up......

Follow the instructions in normal mode and see if that helps. Then post a fresh HJT log.

Regards Howard

yay I did all of it, and my hijackthis log is attached...
I just had a quick question tho. today, i noticed in the taskmanager that i had "guard.exe" running, does this have anything to do w/ all that stuff I installed(maybe Ewido)? thanks

EDIT: I just deleted "O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe" because it's something from an old program....just in case you needed to know....

Guard.exe is part of ewido.