1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Iexplore.exe virus - could not complete all 8 steps

By OggyK22
Dec 29, 2009
  1. I caught a really bad virus last night and it opens up iexplore.exe on startup and then plays ads in the background. If I kill the process, it opens another one up 30 seconds later. I tried performing all 8 steps, but I was only able to run CCleaner, update Java, and run HijackThis. I tried installing Malwarebytes and SUPERAntiSypware but the setups would not open. The virus has also disabled my McAfee VirusScan so I am unable to scan my computer. I attached the HijackThis log. Please help!
  2. OggyK22

    OggyK22 TS Rookie Topic Starter

    Problem Solved!

    It turns out that I had the Rootkit.TDSS virus. I figured it was some sort of rootkit but it took me the last 2 days to actually determine which one I had. Here's the steps I went through to find and remove the virus.

    1. I downloaded and ran Sophos Anti-Rootkit. The scan found the following infected files, but was unable to delete any of the registry files:
    C:\Documents and Settings\Kenny Aral\Local Settings\Temp\h8srtmainqt.dll
    C:\Documents and Settings\Kenny Aral\Local Settings\Temp\H8SRT3180.tmp

    2. When I googled H8SRT virus the first link I found was this: http://www.myantispyware.com/2009/12/22/how-to-remove-h8srt-trojan-remove-rootkit-tdss/

    3. I followed the instructions on that link -- downloading TDSSKiller -- and it was able to remove the infected registry files. On restart, my McAfee VirusScan came back to life and I was able to install Malwarebytes.

    4. I scanned my computer with Malwarebytes and it removed the remaining infected files.

    I'm still going to re-scan with McAfee and CCleaner but I'm pretty sure the virus is gone for good. Phew.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...