Author Topic: iehighutil.exe (FYI, this malware giving hell to a lot of people)  (Read 3351 times)


Offline bleucharm28

  • Newbie
  • *
  • Posts: 1
This nasty fella gives constant crashes in your computer.  I thought it was an issue with hardware, like motherboard, cpu, video card and so on. 


Looking for ways to get rid of it.

Offline Asyn

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32779
« Reply #1 on: April 18, 2013, 11:56:15 AM »
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0

Offline Pondus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 27349
« Reply #2 on: April 18, 2013, 12:02:24 PM »
If able to, upload iehighutil.exe to www.virustotal.com and test with 40+ malware scanners.
When you have the result, post the link to the scan result here.

Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline CarrieMiller

  • Newbie
  • *
  • Posts: 1
« Reply #3 on: April 28, 2013, 08:02:27 PM »
It is a bitcoin miner that also comes with a rootkit, so simply removing the files will not suffice! The rootkit typically associated is going by the name "0Access" or "ZeroAccess".
I had to run the Kaspersky TDSSKiller in order to kill the root of it. I would like Avast! to have killed or blocked it to begin with though.


Offline Pondus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 27349
« Reply #4 on: April 28, 2013, 08:03:51 PM »
Quote
I would like Avast! to have killed or blocked it to begin with though.
Then upload the sample to the Avast lab if you have it....