How do I get rid of the iexplore.exe trojan?

Reality|Bites

Reality|Bites

Reality|Bites

Permabanned
Joined
5 Apr 2006
Posts
7,704
Asked for help on guru3d, didn't get much help

http://forums.guru3d.com/showthread.php?p=2551084#post2551084

Hi

I have a process that runs at startup called iexplore.exe which I cannot get rid of.

I end it in task manager but a few seconds later the exe starts up again, Using 25MB of memory.

I know it isn't internet explorer as i've read on a few other forums, but I still havn't found a fix yet.

I even resorted to installing Norton 360 but that only found mIRC as a virus.

Funnily though, When I actually open a browser page it doesn't start a new process, The memory usage just increases on the trojan file.
 
The problem with having something like this is you are now trying to fix it after the event rather than preventing it. So, if the trojan/virus is good enough, it will notice that items like Norton / AVG / etc. are being installed and mask itself to them.

You can try the free online virus guards. And there could be a virus in mIRC, etc. which is causing this - because the process is iexplore doesn't mean the application that is creating that process is called that.

Try any of these:

http://www.bitdefender.com/scan8/ie.html
http://housecall.trendmicro.com/



M.
 
disable system restore
install nod32, spybot s&d, avg antispyware, adaware se

run full scans with all, reboot
 
bledd. said:
disable system restore
install nod32, spybot s&d, avg antispyware, adaware se

run full scans with all, reboot
Click to expand...

boot into safe mode to do all that if possible. if its a program that automatically restarts after killing the process then safe mode will stop them running to begin with, enabling you to delete the source file.
 
skanky said:
boot into safe mode to do all that if possible. if its a program that automatically restarts after killing the process then safe mode will stop them running to begin with, enabling you to delete the source file.
Click to expand...

i had this problem a few months ago and it drove me crazy. i used about 5 differnet AV progs and loads of AS progs in safe mode but still could not shift it. good luck i know the feeling when you have a virus trojan and cannot shift it its very annoying
 
Realy one of two things to do imho

1/ re install OS, prob a lot quicker than trying to fix with option two

2/ run hijack get rid of everything that you dont know (post log here so others can help), DL trojen remover, and spybot or seach and destroy
run them in safe mode, also DL Nod32 trial and run ( by know you are prob hitting 5+ hours) can also do windows defender.

IMHO go for option 1, takes no time at all and you know you are clean.
 
Agreed option 1 is the best when dealing with any kind of virus. Make sure you disconnect any removable media first though and then get your o/s, decent virus guard and other protection in place before reconnecting it.


M.
 
TBH hijack this log hardly takes 5 + hours , to sort , morelike 10 mins.After that just a quick scan of anti virus and that normally gets rid of most if not all virus etc.

But to honest if you have vital data etc then I would format safer that to be certain
 
Are you sure it's not internet explorer?

As you've probably read iexplore.exe is the main executable for internet explorer. It's currently using 34,020 K of memory on my system and I'm pretty sure I don't have a trojan as I only built this pc yesterday.
 
It runs on start up without any browser being open though.

If you do a google search you will see lots of people have this problem.

I've sent an e-mail to Microsoft tech support, If they can't help me I suppose i'll have to reinstall, I don't want my bank account emptied do I lol.

I even made a dos boot disc and tried to delete comcatg.dll from there but access is still denied.
 
Last edited:
sure if its running from \windows dir its fine anywhere else is a big no no. Sure it also if it running under your profile its ok but if it running as system its bad. Or is that the other way round ?? Google it and it will tell you which way round it is
 
You must log in or register to reply here.
Back
Top Bottom