Over 1 million tech questions and answers.

iexplorer.exe virus, Win7

Q: iexplorer.exe virus, Win7

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3893 Mb
Graphics Card: Intel(R) HD Graphics, 1722 Mb
Hard Drives: C: Total - 585947 MB, Free - 423006 MB; D: Total - 24227 MB, Free - 3539 MB; G: Total - 99 MB, Free - 89 MB;
Motherboard: Hewlett-Packard, 146A
Antivirus: avast! Antivirus, Updated and Enabled

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:50:18 AM, on 10/7/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SugarSync\SugarSync.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\DriveSitter\DriveSitter.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Kacy Robbins\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141" target="_blank" class="wLink">http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DriveSitter Pro] "C:\Program Files (x86)\DriveSitter\DriveSitter.exe" /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...xAC0AWABPADMANgArADEA"&"prod=90"&"ver=9.0.901
O4 - HKCU\..\Run: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSync.exe" -startInTray -usedelay=true
O4 - HKCU\..\Run: [silgv] "C:\Windows\System32\rundll32.exe" "C:\Users\Kacy Robbins\AppData\Roaming\silgv.dll",memcpy_check
O4 - HKCU\..\Run: [wmirvn] "C:\Windows\System32\rundll32.exe" "C:\Users\Kacy Robbins\AppData\Roaming\wmirvn.dll",MemberDescr_Type
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: DriveSitterService - Oliver Marr - C:\Program Files (x86)\Common Files\DriveSitter\DSSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Service - Egis Technology Inc. - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxdn_device - Unknown owner - C:\Windows\system32\lxdncoms.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SHDSERV - Unknown owner - C:\Program Files (x86)\Shield\shdserv.exe
O23 - Service: Shield Client Service (ShieldClientService) - Unknown owner - C:\Program Files (x86)\Shield\shieldclnt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14799 bytes
I get the following error message when I copying and pasting the dds.txt, attach.txt & ark.txt logs....
Therefore, they are attached.
The following errors occurred with your submission:
The text that you have entered is too long (1027191 characters). Please shorten it to 300000 characters long.

# AdwCleaner v3.006 - Report created 07/10/2013 at 18:57:36
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kacy Robbins - KACY
# Running from : C:\Users\Kacy Robbins\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Found C:\ProgramData\Ask
Folder Found C:\Users\Kacy Robbins\AppData\LocalLow\AVG Security Toolbar
***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\Zugo
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16686

*************************
AdwCleaner[R0].txt - [1008 octets] - [07/10/2013 13:36:47]
AdwCleaner[R1].txt - [1068 octets] - [07/10/2013 13:43:47]
AdwCleaner[R2].txt - [982 octets] - [07/10/2013 18:57:36]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1041 octets] ##########

Read other answers
RELEVANCY SCORE 200
Preferred Solution: iexplorer.exe virus, Win7

I recommend trying the free service from Zip Cloud. It's currently our users' favorite backup and storage solution and will save you headaches down the line.

You can get it direct from this link http://goo.gl/rFYDxc. (This link will open the Zip Cloud homepage.)

RELEVANCY SCORE 52

THIS IS WHAT I GET ALMOST EVERYTIME I USE INTERNET EXPLORER IF IM ON IT FOR A WHILE IT CRASHES, OTHERWISE IT POPS UP WHEN I CLOSE INTERNET EXPLORER
I CANT FIGURE IT OUT PLEASE HELP ME

Problem signature:
Problem Event Name: APPCRASH
Application Name: iexplore.exe
Application Version: 8.0.7600.16671
Application Timestamp: 4c86f9be
Fault Module Name: StackHash_0a9e
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Code: c0000005
Exception Offset: 01b80f93
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e789

A:win7 32 bit APPCRASH iexplorer.exe

It's an access problem.
Please go to Start, type in "iexplore -extoff" (without the quotes) and press Enter

If IE works fine that way, then it's an addon that's causing your problems - and you can disable them one-by-one in the Tools menu (press the Alt key to see the menu).

Read other 3 answers
RELEVANCY SCORE 47.6

Logfile of HijackThis v1.99.1
Scan saved at 9:08:22 AM, on 9/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Pr... Read more

A:IEXPLORER.EXE overide Iexplorer.exe - help needed to get rid of IEXPLORER.EXE

iexplore.exe (Not iexplorer.exe) should be located in Program Files\Internet Explorer for IE6, as it is.


Quote:




C:\Program Files\Internet Explorer\IEXPLORE.EXE




Nothing wrong there.

AVG finds are simply notifications that a system file has changed. This is normal, and likely a response to a recent Windows update which changed core files.


Quote:




It is normal that AVG shows that files, the MBR or Boot record to have changed. These are done during normal maintainance, when you or windows updates files or have had to correct errors on the drive. The only time that you should worry is if they also show as infected.




http://forum.grisoft.cz/freeforum/re...,backpage=,sv=


Quote:




To get AVG to quit showing them as changed, open the AVG Test Center, click the F3 key on your keyboard and tell it to accept the changes. If it still shows something as changed after this.. delete the file named AVG7QT.DAT in the %ALLUSERSPROFILE%\Application Data\avg7\ folder and AVG will rebuild it the next time it is run.




aaw2007[1].exe is a false positive report, which was supposed to have been taken care of a month ago. Is your AVG up to date?

Are you sure about this:

Comodo firewall warns of high risk:
Scvhost.exe .... warn for suspecious behavior

is it not svchost.exe?


Establish an internet connection & perform an online scan with Internet Explorer at Kaspe... Read more

Read other 1 answers
RELEVANCY SCORE 47.6

Logfile of HijackThis v1.99.1
Scan saved at 9:08:22 AM, on 9/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Pr... Read more

A:IEXPLORER.EXE overide Iexplorer.exe - help needed to get rid of IEXPLORER.EXE

Hi Beeseetan and welcome to TSF !

I don't see anything weird in this HijackThis log.

c:\program files\internet explorer\iexplore.exe is the correct location for the internet explorer file (note that it's iexplore.exe and not iexplorer.exe).

What makes you say you have an infection ? Are you sure it's not just some legit update from windows update ?

I noticed you posted your log twice, once here and once in the HijackThis section. Please refrain from doing that as we can't help you efficiently if our advices get split between 2 different thread. I'll wait for your answer here and we'll see which thread we'll keep.

There are also prerequisites that you need to take before posting an HJT log. See the "Having problems with spyware and pop-ups? First Steps" line at the top right of TSF's homepage. We advise you to follow those 5 steps (which you can also find in my sig) before posting an HJT log. As you have already posted your log please don't post a new one but you can still follow steps 1 to 4.

Read other 2 answers
RELEVANCY SCORE 47.2

I seem to have a very nasty bug that runs iexplorer in the background that produces some ads or something that I hear but cannot see. I also can't run spyhunter anymore or SDFix. It shows up in the task manager for a few mins or so and then goes away, but never runs.

After running RegCure once, I got a winsock error that had me down for several days. Just fixed that which allowed me back on the internet. Was going to do a complete wipe, but I can't even seem to do that. My pc is now running at 100% memory usage and I have no idea where to turn. PLEASE HELP!!

I have the DDS and attach....also Hijack This log as well.

A:redirecting virus and iexplorer running in background virus/spyware??

Hello Just D,Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thanks,tea

Read other 4 answers
RELEVANCY SCORE 47.2

Alright guys, I'm used to fixing most computer problems by myself (being a part time IT guy and all) but I simply cannot get rid of these two viruses (are they one combo virus?). And you guys are really awesome so I need your help! :p

Seems like i have the typical google redirect virus (though I did some research and the files that most people were infected with were not present on my computer, same for the random audio virus) that I kind of crippled after deleting some files but it's still affecting my google searches. Furthermore, I have the random audio virus which plays audio clips randomly every once in a while and indeed the iexplorer.exe services pops up in my task manager everytime it plays (two of them actually). These two viruses seem to go hand in hand in the research I did, kinda sucks...

I removed PowerISO and then followed the procedure you guys outlined, here's the info:



DDS (Ver_09-11-24.02) - NTFSx86
Run by Ben at 8:20:41.90 on 26/11/2009
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Professional 6.1.7600.0.1252.2.1033.18.2046.1094 [GMT -5:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestr... Read more

A:google redirect virus + random audio virus (iexplorer.exe)

well, it actually seems like the virus is gone (kind of a long story, stuff happened between this thread's posting and now, will explain at another time) but I'll run another scan and post it when I have time later tonight.

Read other 10 answers
RELEVANCY SCORE 45.2

this iexplorer.exe virus keeps slowing down my computer...help im a noob how do i delete it?
 

A:iexplorer.exe virus

Read other 8 answers
RELEVANCY SCORE 45.2

Can someone please help?I' ve been hit with iexplore.exe. I've ran spybot and scanned with HJT. Here's the log. Thanx.

Logfile of HijackThis v1.97.7
Scan saved at 18:11:39, on 04/12/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version! (BT Broadband)?

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\gsicon.exe
C:\WINDOWS\System32\dslagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Eraser\eraser.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\BT Broadband\Help\bin\mpbtn.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\3c684eef8112f4a781e23f6ec44d5191\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Hijack... Read more

Read other answers
RELEVANCY SCORE 45.2

Here's my Hjackthis log could you please help me?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:38 AM, on 1/14/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\I... Read more

A:iexplorer.exe virus

Hi and welcome to TSF

We don't work on logs is this forum. If you think you are infect:

Please follow our pre-posting process outlined here:
http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, please post the requested logs in the Virus/Trojan/Spyware Help forum, not here.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.


BG

Read other 1 answers
RELEVANCY SCORE 45.2

Hi -- I believe I am suffering from the iexplorer.exe virus in which multiple instances of iexplorer appear in my processes (usually 3, and are revealed to me by audio ads popping up in the background, even though I'm not opening Internet Explorer). Below is the intro to the FRST file. 2nd part and Addition file to follow. Please let me know if I'm doing this correctly for the process... Thank you!!!

FRST
************************
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015
Ran by Owner (administrator) on OWNER-PC on 22-05-2015 08:17:57
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available profiles: Owner)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Appl... Read more

A:Iexplorer.exe virus

FRST, PART 2
****************
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 08:17 - 2015-05-22 08:18 - 00024615 _____ () C:\Users\Owner\Downloads\FRST.txt
2015-05-22 08:17 - 2015-05-22 08:17 - 02108416 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2015-05-22 08:17 - 2015-05-22 08:17 - 00000000 ____D () C:\FRST
2015-05-21 21:43 - 2015-05-21 21:44 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-21 21:43 - 2015-05-21 21:43 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-21 21:42 - 2015-05-21 21:42 - 16986200 _____ () C:\Users\Owner\Downloads\RogueKiller.exe
2015-05-21 17:15 - 2015-05-21 17:15 - 76100690 _____ () C:\Users\Owner\Downloads\A6210-1.0.0.30.zip
2015-05-21 10:38 - 2015-05-21 10:38 - 00002136 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2015-05-21 10:38 - 2015-05-21 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2015-05-21 07:21 - 2015-05-21 07:21 - 00000000 ____D () C:\Windows\pss
2015-05-21 07:17 - 2015-05-22 03:17 - 00001074 _____ () C:\Windows\setupact.log
2015-05-21 07:17 - 2015-05-21 07:22 - 00001150 _____ () C:\Windows\PFRO.log
2015-05-21 07:17 - 2015-05-21 07:17 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-21 07:01 - 2015-05-21 07:01 - 00000842 _____ () C:\Users\Owner\Desktop\REMOVE-INSTRUCT.txt
2015-05-21 06:51 - 2015-05-22 07:04 - 00136408 _____ (Malwarebytes Co... Read more

Read other 3 answers
RELEVANCY SCORE 45.2

When i try to Enter the internet on my laptop i get a pop-up saying that the internet has atopped working
The event name is:APPCRASH
The application name is:iexplorer.exe
Please Help!!!
 

Read other answers
RELEVANCY SCORE 45.2

Hi i am pretty sure that my computer may be very welll inffected with the virus iexplorer.exe and it has all the symptoms, my comptuer mutes itself for no reason evey now and then and it gives ranom voice ads that are invisible every now and then and i have 2 iexplorer.exe processes in my task manager, i was wondering if anyone can help thank you.

A:iexplorer.exe virus

Also when my computer mutes itself, I cannot get the sound back unless I restart my laptop. I am using an Acer Aspire netbook and it is still running right now but it also has muted my laptops sound sound again.

Read other 37 answers
RELEVANCY SCORE 45.2

Sorry I am unable to provide a hijackthis log since I am logged on to a computer at school and the problem is regarding my computer at home. I can't seem to view any websites or get any incoming bandwith (hence why i can't provide a hijackthis log). When I am push ctrl+alt+del, in the processes section it shows that iexplorer.exe or iexplore.exe don't remember which keeps increasing to 47k or so. I know this is a worm virus because i got the same one around 3 years ago but i forgot how to fix it. Any help would be great =D
 

A:Help with iexplorer.exe virus

Read other 16 answers
RELEVANCY SCORE 45.2

I have Windows XP and have recently acquired the iexplorer virus that slows my computer down, among other things. How in the world do I remove it? Please help! Thanks.
 

A:iexplorer virus

it's actually the "iexplore.exe" virus
 

Read other 1 answers
RELEVANCY SCORE 45.2

Followed the instructions Adam outlined in "need help with iexplorer exe virus" post  .... unfortunately I tried several other things before I got here....I have (nearly) twin XPS M1530 Laptops  -named Dented XPS and- Florida XPS. I have downloaded FRST64 exe/ tdsskiller exe-  logs are ready....

A:I also need help with iexplorer exe virus

Hi, please repost this in a new topic and post those logs here.Virus, Trojan, Spyware, and Malware Removal Logs

Read other 1 answers
RELEVANCY SCORE 45.2

This virus may have been picked up through soulseek ns. Not sure. I have followed all instructions. I deleted soulseek. I deleted bit torrent. Thank you in advance for your help. I do not have a windows install disc or boot cd. I started up in safemode and ran spy bot, super anti-spyware, and ccleaner before i followed the instructions on this forum. What do I need to do to eliminate the virus?



.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 15:27:29 on 2011-06-29
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.522 [GMT -7:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
c:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32... Read more

A:iexplorer.exe virus

Hello, Welcome to TSF.
I'm nasdaq and will be helping you.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programs, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.
===

Please download Malwarebytes Anti-Malware and save it to your desktop.[list]
alternate download link 2Make sure you are connected to the Internet.
Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Then click Finish.
MBAM will automatically start and you will be asked ... Read more

Read other 19 answers
RELEVANCY SCORE 45.2

Hi

A few days ago my comp started playing random r n b music which could be ended when I turned off the iexplore.exe process (I don't use ie) which I now realise is actually iexplorer.exe - after googling it, it sounds really bad. I tried downloading every anti spyware/virus software I knew, but half of them have been 'firewalled' by my computer. My Kaspersky and ad-aware seemed to be getting rid of it but now they have both stopped working - apparantly the databases are corrupted? I am terrible with computers and have no idea what anything means!

Here is my hijack this log:
Logfile of HijackThis v1.99.1
Scan saved at 16:59:56, on 29/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.... Read more

Read other answers
RELEVANCY SCORE 45.2

My computer was infected with this virus due to p2p software use (soulseek). I posted on a different forum and went through the combofix procedure. Supposedly, there are no malicious registry entries. However, I am still experiencing problems with certain programs' performance as well as the over all speed of my computer. I specifically notice a difference in the speed of programs when using more than one program at once. I figured it would be smart to get a second opinion. In addition to the computer's performance issues I also have a windows security alert on my taskbar indicating that windows does not detect anti virus software when, in fact, StopZilla is installed and functional. I'd appreciate any help or useful information you can offer. Thank you very much in advance.

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 21:59:13 on 2011-07-11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.762 [GMT -7:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32�... Read more

A:iexplorer.exe virus

please post your ComboFix log(s)

Read other 2 answers
RELEVANCY SCORE 45.2

I got one, all right.2 iexplorer.exe is running, while i always use firefox.I did a hijack scan.Here's the log, please tell me what i can do.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:18:50 PM, on 30/11/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Pure Networks\Network Magic\nmapp.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Program Files\Microsoft Windows OneCare Live\winssnotify.exeC:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeC:\Acer\Empowering Technology\SysMonitor.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\ehome\ehmsas.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\system32\conime.exeC:\Program Files\Internet Explorer\iexplore.exeD:\Game Maker\Game_Maker.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\analyse.exeR0 - HKLM... Read more

A:iexplorer.exe virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable ... Read more

Read other 2 answers
RELEVANCY SCORE 45.2

I recently started getting pop ups stating internet explorer problem has occured and it needs to close. They are coming more and more frequently. I thought it might be linked to my latest installment of mcafee since the problem started after that, but now I'm worried it's a virus.

Could someone please help me get rid of this?

Thanks!!

A:iexplorer.exe virus?

Hi and welcome to BleepingComputer The process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Result... Read more

Read other 6 answers
RELEVANCY SCORE 45.2

Hi, for the past couple days my computer has been running very slowly. So i checked task manager and saw that a process called "iexplorer.exe" was taking up almost all of my cpu usage. I've also noticed that several processes called "CINGJar0.exe" pop up at the same time with "iexplorer.exe". Voice ads started to come outa nowhere and random sites popped up in internet explorer, even though i don't use it. I've run malwarebytes several times and it never finds anything and i when i end the process through task manager it eventually just comes back. That's about the size of it, any help would be greatly appreciated.

Here's the logs: (I ran GMER several times but something keeps interrupting it before it can finish)

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz, x86 Family 15 Model 2 Stepping 9
Processor Count: 1
RAM: 1015 Mb
Graphics Card: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller, 256 Mb
Hard Drives: C: Total - 147707 MB, Free - 74200 MB; D: Total - 4899 MB, Free - 630 MB;
Motherboard: MICRO-STAR INTERNATIONAL CO., LTD, Gamila/Giovani/Neon series, 030, 4311484019
Antivirus: None
HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:17 PM, on 6/7/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running process... Read more

A:iexplorer.exe virus

Read other 6 answers
RELEVANCY SCORE 45.2

iexplorer.exe keeps opening moltible times in processes, It slows down my computer and I dont know how to stop it. I'm runing windows XP home Edition. is this a virus. how can i fix this.Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:01:19 AM, on 8/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\AVG\AVG9\avgchsvx.exe
E:\Program Files\AVG\AVG9\avgrsx.exe
E:\Program Files\AVG\AVG9\avgcsrvx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\AVG\AVG9\avgwdsvc.exe
E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
E:\WINDOWS\System32\tcpsvcs.exe
E:\Program Files\AVG\AVG9\avgemc.exe
E:\Program Files\AVG\AVG9\avgnsx.exe
E:\Program Files\AVG\AVG9\avgcsrvx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\PROGRA~1\AVG\AVG9\avgtray.exe
E:\Program Files\uTorrent\uTorrent.exe
E:\WINDOWS\system32\devldr32.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Internet Explore... Read more

Read other answers
RELEVANCY SCORE 45.2

Hi

I've encountered this virus before on a friend's laptop. Another friend of mine has recently inherited a laptop and installed wireless internet into her home. I recently noticed the laptop chugging away and thought it was just perhaps an older laptop or low memory.

However, I noticed the usual dual/triple iexplorer.exe running in the Task Manager. Now the TM very rarely loads and usualy (after a good coupe of minutes of pressing CTRL+ALT+DEL) I can a black screen and error message that read something like "Security Options failed".

Downloaded and attempted in stall HijackThis, but the installation is constantly cut-off.

Here is some basic info about the laptop I could find:

Windows Vista Home Basic (SP2)
Acer 5315
Processor: Intel(R) Celeron(R) CPU 540 @1.86GHZ 1.86GHZ
Memory (RAM): 1.00GB
System type: 32-bit

Any help or advice would be appreciated,
Diolch yn fawr
Shauny
 

Read other answers
RELEVANCY SCORE 45.2

About 2 days ago my computer started running real slow and I started receiving an error message something along the lines of "your virtual memory is too low to complete this request" when I tried opening firefox. When I looked at my Windows Task Manager log, it shows about 8 or 9 processes running with the name iexplorer.exe or explorer.exe and I don't even have IE open or use it. I believe I pasted and attached the appropriate logs to be viewed. If someone could review them and let me know if they find any issues that could be causing this problem and let me know how to fix them I would greatly appreciate it. Thanks and hope everyone had a Happy New Years.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:24:29 PM, on 1/1/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe
C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CL... Read more

A:Possible iexplorer.exe virus

Read other 13 answers
RELEVANCY SCORE 45.2

Hi
my computer is infected with iexplorer.exe virus , which is located in C:\WINDOWS\ directory. i tried to remove it manually but everytime windows restarts this virus is back.. it starts a process called Hello , which disables process manager from opening and also opens IE and redirects to some ad sites. i used tune up utilites process manager to discover this malicious process . Also this virus prevents me from searching for iexplore.exe in google and automatically shutdows firefox or IE... i killed the hello process , then it works fine only to return on the next reboot , what is happening ?? it also preventes Hijack This from running when the Hello process was running.. I'm posting the log of Hijack also here.. pls help
 

A:Help iexplorer.exe virus

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:03 AM, on 08/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Trend Micro\Antivirus\pccguide.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.exe
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search B... Read more

Read other 2 answers
RELEVANCY SCORE 44.8

Hello

First of all thank you for any help you can offer

I am pretty sure my system is infected with iexplore.exe which has nothing to do with internet explorer from Microsoft as you probably know they both use the same name

This virus really does create lots of problems first i had Norton installed with all updates and i still managed to some how get this iexplore.exe on my system

Once you have this it will Not let you install anything since my Norton was no longer working i tried to install Norton again from CD and every time i tried i was receiving all kinds of errors

I have also tried to install adware removal programs and every time it gets just half way through it comes up giving an error saying something like cannot write files

You also cannot end iexplore.exe in task manager unless you are very fast because it keeps jumping around in task manager so you have little chance to end the task

Also it will not let me start in SafeMode

I have posted my log below and would really be grateful if someone could help me remove it

Thanks for your help

PS Please see the picture below as it shows i have 2 of them running

http://img262.imageshack.us/img262/25/1dxo5.jpg




-----------------------------------------------------------------------






Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:18:40, on 09/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32... Read more

A:Please help me remove iexplorer.exe virus

Hi newb123,

Welcome to Tech Support Forum!

I apologize for the delay getting to your log. The helpers here are all volunteers and we have been very busy here lately. If you are still having malware problems, I will be glad to help.

OK, let?s do this first.

Please download ComboFix by sUBs:

NOTE: In the event you already have ComboFix, this is a new version that I need you to download.
Save it to your desktop.
Double-click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION:
Please do NOT mouse-click ComboFix's window while it is running. That may cause it to stall.
Also, please do NOT adjust your time format while ComboFix is running.


NEXT:

Please REBOOT your computer normally into Windows and post these logs in your next reply:The log from the ComboFix scan.
A new HijackThis log.

(You might have to paste the logs in multiple posts in the event they are too long and breach the post length restrictions of the forum software).

Also, please let me know how things are running now and if you encountered any problems while you were following the directions I posted.

~~~

Read other 1 answers
RELEVANCY SCORE 44.8

I've done extensive research over the past week as to how to remove this virus but I've still been unsuccessful in doing so. I have tried everything I can possibly think of, running MSE and Malware Byte + Spybot over night on safemode, has done nothing. Hoping I can be assisted, thanks.
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz, Intel64 Family 6 Model 23 Stepping 6
Processor Count: 2
RAM: 4095 Mb
Graphics Card: NVIDIA GeForce GTX 460 SE, 1024 Mb
Hard Drives: C: Total - 305234 MB, Free - 29303 MB;
Motherboard: ASUSTeK Computer INC., P5K SE/EPU
Antivirus: Microsoft Security Essentials, Updated and Enabled

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:33:41 PM, on 1/21/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe
C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe
C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Fil... Read more

Read other answers
RELEVANCY SCORE 44.8

Hi analysis team..Im expiriencing odd Audio infomercials at random times during the day. I look at my processes and see that i have two iexplore.exe processes. I also have this annoying Google search redirection virus that gives wants me to download something everytime i click a link and it pops up 2-3 times. Here's a Nice long log and I hope it's helpful..DDS (Ver_11-03-05.01) - NTFSx86 Run by Dexter-Gaming at 23:54:52.63 on Sat 05/14/2011Internet Explorer: 8.0.7600.16385Microsoft Windows 7 Home Premium N 6.1.7600.0.1252.1.1033.18.2046.1073 [GMT -5:00].AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\nvvsvc.exeC:\Windows\system32\sv... Read more

A:iexplorer.exe and Redirect virus?

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 44.8

I started getting pop ups - internet explorer has encountered a problem and needs to close. We are sorry for the inconvenience. When I click on report it reads - AppName: iexplorer.exe AppVer: 7.0.6000.16791 ModName: mst123.dll ModVer: 0.0.0.0 Offset: 00001016

They pop up constantly and if I click on it my internet shuts down. Sometimes even if I don't click on it, the internet will close. In asking for help, I was told to try running the SDFix program but my computer will not allow me to so I was advised to run DDS and post in here.

Here is the log:
DDS (Ver_09-02-01.01) - NTFSx86
Run by HP_Administrator at 7:54:02.27 on Tue 03/10/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1368 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\windows\system32\svchost -k DcomLaunch
svchost.exe
C:\windows\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNS... Read more

A:Infected with iexplorer.exe virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

Read other 2 answers
RELEVANCY SCORE 44.8

Hi, I think I have the Iexplorer virus running, 3-4 Iexplorer*32.exe process running at the same time when I never use Iexplorer. Also my upload/download has been over 80gig in less than a month without doing anything special. Any help will be useful to remove it and restoring my normal internet download/upload

Here the FRST file asked. The addition will follow in the next post.

Thank you in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-08-2015 01
Ran by Mirlac (administrator) on SOVEREIGN (08-08-2015 14:02:26)
Running from C:\Users\Mirlac\Desktop
Loaded Profiles: Mirlac (Available Profiles: Mirlac)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Hewlett-Packa... Read more

A:Iexplorer virus using all the bandwith

Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01
Ran by Mirlac (2015-08-08 14:02:57)
Running from C:\Users\Mirlac\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================

Administrateur (S-1-5-21-1783324084-865811299-2607782740-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1783324084-865811299-2607782740-1002 - Limited - Enabled)
Invité (S-1-5-21-1783324084-865811299-2607782740-501 - Limited - Disabled)
Mirlac (S-1-5-21-1783324084-865811299-2607782740-1001 - Administrator - Enabled) => C:\Users\Mirlac

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1783324084-865811299-2607782740-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-... Read more

Read other 11 answers
RELEVANCY SCORE 44.8

hi, my name is aldo and i hope you guys can help me.....i got a virus called IEXPLORER.EXE....also i have kaspersky as my antivirus and this thing is detecting an invader but it can't remove it, it is C:\Documents and Settings\All Users\Application Data\dumb pure bind support......and the program that shows in there is called LOCK SIZE.EXE.....so if you guys can help me here's my hijack this log; thank you in advance....

Logfile of HijackThis v1.99.1
Scan saved at 7:13:24 PM, on 1/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\... Read more

A:Iexplorer.exe Virus Problem

Hi aldo and welcome to TSG.

You say IEXPLORER.EXE? Is Kaspersky alerting you to this? Just to be sure, you're not confusing iexplore.exe (the executable for Internet Explorer) are you? IEXPLORER.EXE with 2 "R's" is quite different but there's no sign of this in your log.

What you do have is a Lop adware infection. This is usually installed by accident with "Messenger Plus Live" (not to be confused with Windows Live Messenger). It also comes bundles with various other dubious software but is relatively simple to remove.
Go to Start, then Control Panel and then Add/Remove Programs. Click Remove on any of the following:

CiD Help
CiD Manager
Messenger plus or messenger plus and client
Download Plugin for Internet Explorer
Bitdownload
Zone Media
WinZix
Search Plugin
Bitgrabber
BitRol
Netpumper
Torrent101
W3player

While uninstalling the above, if you're asked for a Verification code, please enter the numbers that appear in the window.

Once done, restart your machine - Important!

Then download Deljob.exe and save it to your desktop.
Doubleclick Deljob.exe to generate a logfile called logit.txt on your desktop.
Post the contents of the logfile in your next reply.
 

Read other 3 answers
RELEVANCY SCORE 44.8

Tech Support Guy System Info Utility version 1.0.0.1

OS Version: Microsoft® Windows Vista™ Home Premium , Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz, x64 Family 6 Model 15 Stepping 2
Processor Count: 2
RAM: 2045 Mb
Graphics Card: NVIDIA GeForce Go 7600 , 128 Mb
Hard Drives: C: Total - 143088 MB, Free - 21713 MB; H: Total - 9535 MB, Free - 1324 MB;
Motherboard: Sony Corporation, VAIO, Reserved, Reserved
Antivirus: Spyware Doctor with AntiVirus, Updated: Yes, On-Demand Scanner: Enabled

Hi Guys

I have already lost 3 days trying to resolve this problem after searching threads in many forums and posts on many blogs. The problem originated with Windows Vista Recovery Virus which I sucessfully removed with Malware Bytes. I upgraded to full version of Malware Bytes as a result of this. Spyware Doctor couldn't detect it at all, however I have to admit that I did not have SWD active at the time the virus hit.

Once I had successfully removed the WVR virus I was left with hidden files and startup icons/program...still am. In addition to missing files and icons I currently have also noticed iexplorer.exe running twice which Hijacks my browser. Every time I launch Mozilla Firefox (previously my default) browser I am prompted to confirm that I want Firefox to be my default. I have task manager running constantly so that when I see the iexplorer.exe apps running I can stop them, they re-appear every 5 minutes or so.

I need assistance with the follow... Read more

A:iexplorer.exe virus assistance!

Read other 10 answers
RELEVANCY SCORE 44.8

[font="Arial"]I was hit by this virus about a week ago. I've run the Microsoft scan and Maladwarebytes without success. A google search said that Rkill was effective for this virus. I downloaded it but the file won't open, perhaps a result of the virus? Any help is greatly appreciated! Thanks.

A:how to remove iexplorer.exe virus

Hi thefletch1950, to BleepingComputer. Sorry for the delay. My name is Jason and I'll be helping you. You can call me by my screename jntkwx or Jason is fine. Let's try rebooting into Safe Mode.This can be done tapping the F8 key as soon as you start your computerYou will be brought to a menu with several options. Press the down arrow key on your keyboard until Safe Mode with Networking is selected. Press Enter. Please see here for additional details. Once in Safe Mode with Networking, download Rkill Run Rkill (renamed iExplore.exe).Please be patient while the Rkill looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If it appears like Rkill did not stop the malware from running, please try running RKill again until the malware is no longer running. If you continue having problems running RKill, you can download the other renamed versions of RKill from the rkill download page. All of the files are renamed copies of RKill, which you can try instead. Please note that the download page will open in a new browser window or tab.Do not reboot your computer after running RKill as the malware programs will start again! Still in Safe Mode with Networking, open Malwarebytes. Select the Update tab, and click on Check for Updates.If an update is found, the program will automatically update itself. Press the OK button and continue.If you encounter any problems while downlo... Read more

Read other 1 answers
RELEVANCY SCORE 44.8

Hello everyone im new to this site and my friend told me about it,

Ive recently encountered a virus that on startup opens
internet explorer and you cant end process or anything, you cant
even see it and it plays all these songs >< plus i cant even
open firefox anymore and every goolge link goes to another wierd
site thats either a virus malware or a porn site. And when doing the hijack log it ended up with 2 errors but i managed to get a hold of this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21:58 AM, on 7/11/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
d:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.... Read more

A:iexplorer and system32 virus :( plz help

Hello and welcome to TSF.

Sorry for the delayed response. Although I can see several infections present from the HijackThis log, we need more comprehensive logs to understand and analyze the malware. If you have not received help elsewhere and still need help please follow the instructions in IMPORTANT - Read This Before Posting A Log and post the two text files, main.txt and extra.txt produced by the Deckard's System Scanner

Read other 3 answers
RELEVANCY SCORE 44.8

I try everything with bitdefefender, but the virus is still there, someone know what to do?Here my Hijack log:Thanks for helping me,Garry---------------------------------------------------------------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:27:28 AM, on 02/06/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exeC:\Program Files\BitDefender\BitDefender 2009\vsserv.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeC:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\MsPMSPSv.exeC:\WINDOWS\system32\SearchIndexer.exeC:\... Read more

A:Virus with the iexplorer.exe process

Hi,Did you set this?:O1 - Hosts: 138.21.25.2 srvnt-bddv # Viry license serverO1 - Hosts: 138.21.25.77 netsaint # Viry comms serverO1 - Hosts: 138.21.25.7 intranet # Viry IntranetO1 - Hosts: 138.21.26.184 forum-rf1 # RF1S LUAO1 - Hosts: 138.21.25.146 xbox # Viry Factory XBOXO1 - Hosts: 138.21.26.57 uk-jabber # New Exodus ServerIf not, fix in HijackThis.* Please download Malwarebytes' Anti-Malware from Here or HereDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.In case you already used MBAM previously, please update it before proceeding with the scan. To do this, click the "Update" tab and click the "Check For updates" button.Once the program has loaded and updates were downloaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that i... Read more

Read other 2 answers
RELEVANCY SCORE 44.8

I dont know what to look for on my log list from hijack this. Can someone steer me in the right direction? Thanks.
 

Read other answers
RELEVANCY SCORE 44.8

i have the dreaded 2 instances of iexplorer virus, malwarebytes and super anti spyware dont recognize it ill try to post my hijack this logfile.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 103 PM, on 4/7/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\steve\Program Files\DNA\btdna.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Dell Support Center\gs_agent\dsc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\... Read more

A:2 iexplorer instance virus

any help would be appreciated

Read other 2 answers
RELEVANCY SCORE 44.4

Looking for help with malware or virus removal.

This is blocking the normal operation of some programs, mainly any malware removal tool. The programs load, but do not show on the screen. The task manager shows a routine named iexplorer.exe running one or more times. It loads automatically from one to several times. If it is killed, it returns later.
The screensaver also does not operate.

Please see the below DDS - when running this I noticed programs in the task manager poping up and disappearing in different positions as if trying to evade the DDS.

Please also see the attached - attach.zip file.

I would appreciate any help - Thanks in advance.

terry


DDS (Ver_09-05-14.01) - NTFSx86
Run by Owner at 712.67 on Thu 06/18/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.504 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINNT\system32\svchost -k DcomLaunch
svchost.exe
C:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
svchost.exe
C:\Program Files\Clopay Corporation\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC... Read more

A:Malware or Virus disguised as iexplorer.exe

Okay, I have found an answer for anyone else with the same issue.

GMER Rootkit found two Service type (***hidden***) files highlighted in RED
system32\drivers\TDSSmact.sys(***hidden***)
C:\WINNT\system32\drivers\UACfalkdvbnexmnswq.sys(***hidden***)

I right clicked on each using GMER and Disabled them.

That fixed my problem - as Macfee immediately began to identify Trojans and remove them.

Screen saver began to work and iexployer.exe did not load by itself anymore.

Malware removal software would load from icon.

All seems normal now.

Good luck if you have this issue.

Read other 10 answers
RELEVANCY SCORE 44.4

DDS cannot finish its scan, it runs a little slow and then computer locks up and I have to restart. Some of the options for doing a GMER scan were grayed out, so I was unable follow that part of the posting instructions as well. Can you reccomend something else I can use to post logs?

While using firefox, I have been redirected to different sites, mostly when I use a search engine but other times it will just happen randomly. Also, Internet Explorer, which I never use, will open up an ad or a site on it's own. Also, I can see iexplorer.exe using task manager using up large amounts of cpu and ram even if it's not open on my screen. I have tried a system restore as well as Malware Antibytes and Avast (both up to date) which have found nothing. I have tried using TDSSKiller and it fails to open, even if I rename it and change the file extension.

It'd be really awesome if you can help me with this. It's not been a good weekend...

A:Redirect Virus and iexplorer.exe always running

DDS finally ran the whole way through!

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by user at 16:23:35 on 2011-11-08
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.327 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WI... Read more

Read other 22 answers
RELEVANCY SCORE 44.4

Im having a problem getting rid of this virus. I have run adaware and spybot. Here is my Hijackthis log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:44:19 AM, on 7/7/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\SCardSvr.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Apoint\Apoint.exeC:\WINDOWS\system32\WLTRAY.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\Java\jre1.6.0_01&#... Read more

A:Iexplorer.exe (evivinc Virus) Problem.. Please Help

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis LogPlease also post the problems you are having.

Read other 1 answers
RELEVANCY SCORE 44.4

Hello,

I've lately been noticing a lag in my computer speed considerably in when i try and click on icon (I click once nothing happens, I click on something twice and it might open, usually opens by the third click but is really bothering me...) I've done a couple of scans with programs malawarebytes and superanti spyware i've attached what has been found by malawarebytes but it has been deleted successfully from my computer, also i've ran a combofix.exe scan and have attached the file as well... I've also ran an online scan (housecall 6.6) and it found a Troj.Winmad.AT but successfully deleted this as well. So i'm a little stumped as that any scans i've done recently have come up clean but my computer is still acting like it has something in its circuits... Please help

Much appreciated,
chomie.

A:iexplorer.exe using 100000+ Mem Usage Possible Virus? Help?

Hi chomieWelcome to Bleeping Computer! Sorry about the delay. We're all volunteers here, and it's been very busy.If you still need help, please make sure you follow all the steps found in this topic: Preparation Guide For Use Before Posting a Log and post a fresh Hijackthis log, in this thread, so I can help you with your malware problems.

Read other 1 answers
RELEVANCY SCORE 44.4

hey guys, I just ended about 50 instances of iexplorer.exe from task manager... i get audio advertisements coming through my speakers. this is unreal. here is my hijack this log, thanks in advance to anyone who can help me here...I am running firefoxLogfile of Trend Micro HijackThis v2.0.2Scan saved at 8:08:33 PM, on 8/26/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Microsoft LifeCam\MSCamS32.exeC:\WINDOWS\ALCWZRD.EXEC:\Program Files\Winamp\winampa.exeC:\WINDOWS\System32\svchost.exeC:&#... Read more

A:Hi Guys, who wants to help with the Evivinc virus aka "iexplorer.exe"

anybody? here is my current hjt log.... now every time i turn on my computer in normal mode iexplore.exe starts right away.... and i have to go to task manager to end it or it will run in the background and open up 50 times... its weird because its not in the startup tab on msconfig.... anybody please let me know hereC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\MagicDisc\MagicDisc.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Java\jre6\bin\jucheck.exeC:\Program Files\Symantec\LiveUpdate\luall.exeC:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEC:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exeC:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\... Read more

Read other 6 answers
RELEVANCY SCORE 44.4

I was looking at the resource monitor and noticed several suspicious services running. One of which is the fact that iexplorer.exe has 3 services running and csrss.exe has 2 running. I looked a few up and it seems as though I may have a virus. I have had problems with this computer since I purchased it. It could be possible that a virus was transferred from my old computer. I would appreciate any help with this.
Thanks,
Karen


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A4-4300M APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 2
RAM: 3547 Mb
Graphics Card: AMD Radeon HD 7420G, 512 Mb
Hard Drives: C: Total - 475960 MB, Free - 440017 MB;
Motherboard: SAMSUNG ELECTRONICS CO., LTD., NP355E7C-A01US
Antivirus: Windows Defender, Disabled
 

Read other answers
RELEVANCY SCORE 44.4

I have an infection on Vista - ieexplorer + ieuser keeps showing up every few seconds in task manager. I use Firefox.
I have tried everything, most in Safe mode and full scans. I even renamed tdss before running it.
If I go into my Lan settings and change proxy address to 0.0.0.0 then Firefox stops working. Please assist. Email [email protected]

Spybot, hijackthis, malwarebyte, tdss, Windows security essentials, superantispyware, ccleaner.

The processes still appear in Task Manager and I am not running IE. If webbrowser loaded then it will load pages filled with ads.
Here is the latest log after running everything:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/09/2012 at 12:56 PM

Application Version : 5.6.1014

Core Rules Database Version : 9709
Trace Rules Database Version: 7521

Scan type : Quick Scan
Total Scan Time : 00:07:10

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC On - Limited User (Administrator User)

Memory items scanned : 608
Memory threats detected : 0
Registry items scanned : 31857
Registry threats detected : 0
File items scanned : 6853
File threats detected : 15

Adware.Tracking Cookie
ad.yieldmanager.com [ C:\USERS\SHYAMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5QENYPG9.DEFAULT-1342274292251\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHYAMAL\APPDATA\ROAMING\MOZI... Read more

A:stubborn iexplorer virus wont go

Hello sonial8If running all those tools found nothing,it's time to get a deeper look. Please follow this Preparation Guide and post in a new topic. Let me know if all went well.

Read other 3 answers
RELEVANCY SCORE 44.4

Seem that I've caught the new bug that's going around. I have 3 instances of iexplorer.exe running in the task manager and suffer from random pop up ads and the WAV volume control being muted.

Here is a HJT log, if you need anything else please let me know! Thanks in advance for your help.

I've also attached a combofix log if that's of any use.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:08:48, on 07/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\drivers\audio\r205445\stacsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\Avira Security Management Center Agent\agent.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OCS Inventory Agent... Read more

A:iexplorer.exe + audio mute virus

Thought I'd be 'pro-active'! and post some of the other logs that tend to be requested.

Here is the one from RSIT

Logfile of random's system information tool 1.07 (written by random/random)
Run by mbo at 2010-07-07 14:16:52
Microsoft Windows XP Professional Service Pack 3
System drive C: has 14 GB (28%) free of 50 GB
Total RAM: 2000 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:16:54, on 07/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\drivers\audio\r205445\stacsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\Avira Security Management Center Agent\agent.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OCS Inventory Age... Read more

Read other 3 answers
RELEVANCY SCORE 44.4

I have a "new" factory reconditioned Dell laptop running Windows 8.  Windows 8 is new to me and during the startup and updating process the iexplorer got on my computer.  I googled and tried a bunch of removals but haven't been successful.  Either the instructions were for earlier windows or I get funneled into purchasing a removal tool.  Can anyone help with this.

Read other answers