Graphics driver crashes iehighutil.exe (Malware)

Had experience last week of this nasty bit of malware.

Graphics driver kept crashing and I was almost at the stage of pulling the card and starting an RMA. I thought it was TDR issues (Timeout Detection & Recovery problem), which I had read about.

Found out that it was actually malware that had been installed on my system after I had noticed iehighutil.exe running in task manager and then started Googling for info.

Seemingly it sets itself up and uses the installed graphics card to mine Bitcoins and crashes the graphics driver while doing so.

The AV I use never picked it up (MSE) and Malwarebytes also never picked it up on a scan.

So just a heads up for anyone having graphics driver crash issues at this time that this might be worth a look.
 
Stopped the process running, deleted the folders that it had created and deleted registry key.

Also stopped process from starting in MSCONFIG.

Seems to have done the trick.
 
Had this bug last week, read up and did the same as yourself.
Also read in a few places that most virus and malware apps were just not picking this up.
That's bad :(
 
Anti-virus isn't able to detect unknown threats and it's incredibly easy to obfuscate new code.

Keep your system patched and use a little common sense.
 
Had this bug last week, read up and did the same as yourself.
Also read in a few places that most virus and malware apps were just not picking this up.
That's bad :(

I had the same issue and got ComboFix from bleepingcomputer.com (it's free) and ran it in Safe Mode. It detected and deleted iehighutil.exe and a bunch of other files and registry entries.

No problems since. The virus had my GTX 480 running at 95C just sitting idle at the Windows desktop.
 
I just found the same thing. I thought it was a driver problem. I disabled it in startup and deleted C:temp but my GPU usage kept rising on the desktop, so I tried ComboFix and all's fine now.
I may do a reinstall of W7 anyway but for now thanks.
 
Get a better antivirus than MSE as well... MSE is not very good anymore.

I use Avast! Free, Comodo Firewall and MBAM.
 
I got this months back when it first hit and was wondering what the hell was causing bad performance in games then checked task manager and my CPU usage was like 100% at all times, turns out this pesky little fella is a bitcoin farmer.
 
From looking around, it seems to install itself via a Java exploit that was unpatched for quite a while, so it's quite hard to protect against unless you're running, say, Firefox with NoScript and only enable it for trusted sites (or run without Java at all)... however the sites known to try to infect users with it are for the most part... well... decidedly dodgy, have to wonder what people were browsing to end up getting infected by it :D
 
From looking around, it seems to install itself via a Java exploit that was unpatched for quite a while, so it's quite hard to protect against unless you're running, say, Firefox with NoScript and only enable it for trusted sites (or run without Java at all)... however the sites known to try to infect users with it are for the most part... well... decidedly dodgy, have to wonder what people were browsing to end up getting infected by it :D

You're telling me Buxy blondes is a suspicious site? :)
 
From looking around, it seems to install itself via a Java exploit that was unpatched for quite a while, so it's quite hard to protect against unless you're running, say, Firefox with NoScript and only enable it for trusted sites (or run without Java at all)... however the sites known to try to infect users with it are for the most part... well... decidedly dodgy, have to wonder what people were browsing to end up getting infected by it :D

This. I do happen to use Firefox and NoScript ;) but damn, what sites were you guys on? There must be some naughty stuff on there! :p
 