Iwas infected by the same virus this guy was:
http://www.computing.net/security/wwwboard/forum/19251.html
The name of the virus is directx.trojan. The current version of Avast does not detect it!!! I was able to remove it using Prevx.
Is there anyway I can report this virus to Avast so that it is included in the program’s database and detectable in future versions?
Prevx found the virus in DIRECTX.EXE at the system32 folder. I noticed I was infected when zone alarm detected a file named IEXPLORE.EXE trying to act as a server. I denied, but after that my MSN messenger wouldn’t connect. Firefox was working fine, but Internet Explorer wasn’t opening any websites. I checked the list of processes in the Task Manager and noticed IEXPLORE.EXE was running even though the browser was closed. So I terminated the process and now both MSN and MSIE would work fine. However, next time I restarted windows, the whole same thing happened again. I searched my computer for IEXPLORE.EXE and found it in a strange folder, other than the one in which the real browser is. I deleted it, but that didn’t fix the problem, and next time I restarted the file was back in a different folder with a similar name, causing the same problems. So I googled and found out the Prevx could remove this virus, so I installed it and it worked.
In case you don’t want to click on the link above, I’m copying his messages here. Notice that he had the exact same problems I had:
Name: Franball
Date: August 17, 2006 at 02:41:03 Pacific
Subject: Help! iexplore.exe all over!
OS: Windows XP
CPU/Ram: Athlon XP
Manufacturer/Model: AMD
Comment:
Hi... This is what happens from the begining. I turn on the computer. When Zone Alarm finishes loading at startup, it tells me that IEXPLORE.EXE is trying to act as a server on the internet. Of course the real iexplore.exe from c:\program files is not running. This one comes from "c:\windows\$MSI31Uninstall_KB893803v2$", just to name one, since every time I erase the file, another one comes out from a folder with a similar name. Then, after finding out that no antivirus/antispyware detects it, I go to regedit and start deleting the entries, but when I restart the computer, the registry entries are back, and IEXPLORE.EXE is trying to gain access to internet and act as a server again! ... PLEASE PLEASE HELP ME IT'S DRIVING ME CRAAZY! THANX
Name: Franball
Date: August 17, 2006 at 11:52:42 Pacific
Subject: Help! iexplore.exe all over!
Reply:
Thank you so much for trying to help me out murr but I've finally killed it. Apparently it was the trojan.directx malware that kept creating those explorer.exe files. I used PREVX since no other antivirus/antispyware detected it. Thanx again!