[winzix moron]

First off, I have hijack this but have never used it before. Am probably a bit of a tech-noob compared to most on this site so please bare with me.

I recently downloaded a file which came zipped in a .zix archive and provided a programme called Winzix free to extract it. I, stupidly, installed winzix and extracted the downloaded programme. Almost immediately I started getting pop-up ads that open with internet explorer. I run Zone Alarm, AVG and Spybot free editions and have done full updated scans with all three and also have downloaded and scanned with SuperAntiSpyware. These have picked up a few issues and removed them but I still have a couple of problems: iexplore.exe process is always running, somtimes multiple entries. I don't use internet explorer. When I end process it immediately reopens. Also, I still get the occasional ad opening with internet explorer when I'm online (on firefox).

I would greatly appreciate any help with this. I have included a hijack this log but as I say, I'm a noob and may have the settings wrong or something.

[YRTNEG]

use firefox mate you will never have a problem

[Hybr!d]

Quote:

Originally Posted by YRTNEG

use firefox mate you will never have a problem

Swapping to firefox is not a fix for having malware on your system. You can still get malware just the same as IE.

Leave the malware removal threads to the trained malware team in future, thanks.

[Hybr!d]

Quote:

Originally Posted by winzix moron

First off, I have hijack this but have never used it before. Am probably a bit of a tech-noob compared to most on this site so please bare with me.

I recently downloaded a file which came zipped in a .zix archive and provided a programme called Winzix free to extract it. I, stupidly, installed winzix and extracted the downloaded programme. Almost immediately I started getting pop-up ads that open with internet explorer. I run Zone Alarm, AVG and Spybot free editions and have done full updated scans with all three and also have downloaded and scanned with SuperAntiSpyware. These have picked up a few issues and removed them but I still have a couple of problems: iexplore.exe process is always running, somtimes multiple entries. I don't use internet explorer. When I end process it immediately reopens. Also, I still get the occasional ad opening with internet explorer when I'm online (on firefox).

I would greatly appreciate any help with this. I have included a hijack this log but as I say, I'm a noob and may have the settings wrong or something.

Please wait for one of the malware team who will guide you through cleaning your system.

[winzix moron]

I do use firefox. If I could remove IE entirely I would. The malware opens IE not me.

Thankyou Dave, I shall wait for one of the Malware team. Thankyou for taking the time to respond.

[evilfantasy]

Download Malwarebytes' Anti-Malware (MBAM)

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to the following:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

----------

Please install the new version of HijackThis and post a log from it.

Download TrendMicro HijackThis.exe (HJT) to the Desktop.

• Double-click on HJTInstall.
• Click on the Install button.
• It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
• Upon install, HijackThis should open for you.
• Click on the Do a system scan and save a log file button
• HijackThis will scan and then a log will open in notepad.
• Copy and then paste the entire contents of the log in your post.
• Do not have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

----------

Next post please add the MBAM log and a new HijackThis log.

[winzix moron]

Thankyou so much for taking the time to help me. Am on it now and will repost as soon as it's done.

[evilfantasy]

No problem.

[winzix moron]

Done that, mbam scan seems to have cleared up the iexplore process issue, however, if I try to open IE it shows a window for a split second and then closes. Attached are both logs, thanks again for the help.

[evilfantasy]

Download Lop S&D by Eric_71 and save it to your Desktop. Lop S&D will only run on Windows XP and Windows Vista

Disable your antivirus and antimalware programs so they do not interfere with the running of Lop S&D. If needed see: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


If you are using Windows Vista, right-click on LopSD.exe icon and select 'Run as administrator' to perform this scan.

• Double-click Lop S&D.exe
• Choose the language by typing of the corresponding letter and press Enter
• Click OK at the informative window
• Type 1, to choose Option 1 (Search) then press Enter
• Wait until the end of the scan
• A report will be generated, post the contents of it in your next reply.

A copy of the report can be found at this location: %systemdrive%\lopR.txt, in most cases C:\lopR.txt