# IEstarter 0.21 by hoax32



## hoax32 (Jul 23, 2011)

Hi leutz!!!
Im still a beginner in programing so please don't ive me any comments like "you suck!!!" 
I finally finished my new program called IEstarter.
It's still a BETA version so it might have some undiscovered problems.

About IEstarter:
----------------
File name:  IEstarter.exe
Size:  0.035MB (35KB)
Programmer:  hoax32
Programming Language:  C++ and some batch
Language:  English

System requirements:
---------------------
OS:  XP and UP
RAM: 128MB
HDD: 2GB FREE SPACE
CPU: P3 or higher
GPU: Windows supported GPU

Following situation:
A Virus has infected your Computer and all shortcuts are distroyed / manipulated!
You have no access yo the windows explorer or "Windows + R".
But there is more than 1 problem:
You need the internet explorer to do something immportant REALLY FAST!!!!!
What to do?
Use IEstarter!
IEstarter starts your internet explorer (all versions) my executing the main file.
It also makes shure, that file is the ACTUAL iexplore.exe and not something like ieexplore.exe

It's a great tool to trick malware and I hope that you guys like it!
Like I sayed it's nothing big! 

Please try it out!
I appreciate any feedback!


----------



## Kreij (Jul 23, 2011)

How does one know that the virus has not compromised IEStarter.exe?


----------



## hoax32 (Jul 23, 2011)

It checks parts of the code, file size and background info of the exe.
Thanks for asking!


----------



## Kreij (Jul 23, 2011)

My pleasure.
How does IEStarter know that iexplorer.exe has not been compromised?


----------



## hoax32 (Jul 23, 2011)

Kreij said:


> My pleasure.
> How does IEStarter know that iexplorer.exe has not been compromised?




I am thinking of adding a function to version 0.30, which emulates the execution of iexplore.exe:
If IEstarter detects any unusual files that are connected to iexplore.exe,  I will warn the user.

Thats gonna be a hard task though!


----------



## Kreij (Jul 23, 2011)

If all shortcuts on the system do not work (this would include shortcuts in the start menus) and the keyboard shortcuts are hosed, how do launch IEStarter?

I'm not picking on your app, just asking questions others may be thinking too.


----------



## qubit (Jul 23, 2011)

Kreij's points are spot on.

Ultimately, with an infected system, it's not possible to guarantee that you're not running more malware. It's also not possible to guarantee that your application won't be hijacked itself, regardless of how many checks and balances you put into it - the malware can simply delete your files and replace them with something else. Game over.

My answer to having to do something on such a PC _*now*_, is to use another computer. Once you know Windows is compromised, it's foolish to do anything else.

If you want to program for security, then I suggest hanging out on security related forums and getting involved in coding projects they might have there. You'll learn a lot more and you'll make much more useful software.


----------



## hoax32 (Oct 14, 2011)

I am about to finish my new version of IEstarter!
Improvements:

-avaible as a ".exe" , ."bat" , ".com"
-new security features
-checks iexplorer.exe for valid coding (stops execution, if cooding is different)
-coding is protected --> program cannot be manipulated, otherwise error: "not a valid win32 application" will pop up [this prevents the infection and execution of IEstarter]


----------



## xbonez (Oct 17, 2011)

Kreij said:


> If all shortcuts on the system do not work (this would include shortcuts in the start menus) and the keyboard shortcuts are hosed, how do launch IEStarter?
> 
> I'm not picking on your app, just asking questions others may be thinking too.



I'd like to know this as well. There are numerous ways to launch explorer (Win+E, Run, Task Manager etc.). If all of them have been compromised, what's keeping IEStarter from being compromised as well?


----------



## hoax32 (Oct 17, 2011)

I am actively experimenting with viruses and trojans in sandbox and I have never seen a virus / trojan / worm / spyware / any other malware - that disables a .bat file after booting in safe mode with network drivers.
IEstarter is ment to be started from CD / USB drive.
IEstarter can also be executed by adding it to the auto start list when a computer is clean so everytime you start your computer, it executes internet explorer and incase of an infection Internet explorer will still start and the awesome thing about this program is that it tells you prior executing of the iexplorer.exe if it is the actual file or if its infected!


----------



## Mindweaver (Oct 17, 2011)

hoax32 said:


> I am actively experimenting with viruses and trojans in sandbox and I have never seen a virus / trojan / worm / spyware / any other malware - *that disables a .bat file* after booting in safe mode with network drivers.
> IEstarter is ment to be started from CD / USB drive.
> IEstarter can also be executed by adding it to the auto start list when a computer is clean so everytime you start your computer, it executes internet explorer and incase of an infection Internet explorer will still start and the awesome thing about this program is that it tells you prior executing of the iexplorer.exe if it is the actual file or if its infected!



What's to disable in a .bat file? A batch file is just a list of commands in a file that sends those commands to a command prompt (COMMAND.COM, cmd.exe). I'm not knocking your idea, but if i thought i had a virus i would use "Solaris Utility DVD" or "A linux distro CD" or to be totally sure.. whip the drive and start over... Not try to use my already compromised PC nor would I ever need to have something launch ie..... I never launch ie..  But good luck with your program.. I'm in no shape saying not work on it.. I just don't see the point in it.

*EDIT: IE probably gave you the virus in the first place... *


----------



## ctrain (Oct 18, 2011)

what happens if i patch the code as it's running?

and what's with the fake load screen


----------



## erixx (Oct 18, 2011)

amazing stuff, really!

But i have never had a virus other than a funny code joke a decade back and don't know what I would do. I think turn off and reformat, and use another computer meanwhile

but... in case I had to use the infected computer, I would just run Opera or similar explorer from a pendrive. 

But keep testing etc, it is really interesting


----------



## ShiBDiB (Oct 18, 2011)

Seems.. useless.. but dont stop cause I suppose itll be a good learning tool for coding..

Useless because my dads computer was infected with some malware AV virus that shuts down any process you try to start regardless of if its a .bat or whatever.. The best protection from viruses is not getting them in the first place. Not preparing your computer to be slightly useable when you do get one.


----------

