IE Optimizer Malware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by MSmith19, Aug 18, 2008.

  1. MSmith19

    MSmith19 Private E-2

    Okay so somehow my family managed to infect their computer with some malware that when IE is opened and utilized, you are redirected to these sites for medications, your original search is terminated and you get all these popups about virus removal and scanner sites. So I managed to narrow it down to this IE addon called 'IE Optimizer' the source: videoa32.dll. Once I disabled this, I am able to run the computer normally and the internet works fine. When enabled again, the malware is active. So I have figured out a way to isolate and disable this, but how can I remove it? My virus scanner: NOD32 or w/e and spybot SD cannot detect it. Any help is greatly .appreciated/.
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.


    If something does not run, write down the info to explain to us later but keep on going.

    Do not assume that because one step does not work that they all will not.


    READ & RUN ME FIRST. Malware Removal Guide


    Note:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

    Starting your computer in Safe mode

    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
     
  3. MSmith19

    MSmith19 Private E-2

    Okay so I ran all those with the exception of combofix because I don't have access to my Vista CD.

    Spybot found no problems.
    NOD32 Scanner found no problems.
    Malwarebytes found 6 problems in the registry. Fixed.
    SuperAntiSpyware found 1 problem. Fixed.

    I am experiencing no symptoms of malware, but that addon is still visible and enable-able in my IE. When I enable it, I experience the same symptoms of malware- when disabled, there are none. I can't find the source of it however.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Without seeing the logs, I can not advise you.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds