Articles

trojan explorer.exe

was built by a friend
September 14, 2006 at 03:17:17
Specs: XP, unknown CPU/512MB RAM

I discovered I had trojan "explorer.exe" on my PC. It was loaded invisibly in folder "dllcache" but was an application. Ran Hijackthis and Panda but both got hung up. finally deleted program. Set Zone Alarm Free to block across the board "run a dll as an app". Ran Registry Mechanic and that cleared out some old pieces. Ran HiJackThis again tonight because still having some problems running the real explorer.exe. Opens and looks like My Computer. Though I can put in address and will go to website on the Internet. I typed in default website, verizon.msn.com, but doesn't go there. So something else is still wrong. Any suggestions?



See More: trojan explorer.exe

Report •


#1
September 14, 2006 at 03:48:33

Download Hijack This from this link and boot to safe mode and run it
Then copy and paste your log file to the Analyzer Page
Then download and run in Safe Mode Ewido Anti-Malware

" Please Post back to let us know if we helped "


Report •

#2
September 14, 2006 at 06:44:42

Also you can download and run Trojan Remover

" Please Post back to let us know if we helped "


Report •

#3
September 14, 2006 at 08:26:34

I downloaded and ran everything you asked me to do and all in safe mode. Found an iexplore.exe trojan, again hidden in a dllcache folder, but is an application. That's now deleted. Found 51 cookies. Gone. Minor changes to the registry have been corrected. It all added up because Internet Explorer is now working great.

I now have 2 other problems. First, the "connections tray" whenever I restart or shutdown, doesn't want to close. I always have to select "end now". What is the "connections tray"? What's causing this problem and how can I fix it?

I still don't know what brought the 2 IE trojans into my computer. So how do I prevent them from returning? Also, could I have given those trojans to friends, unknowingly? One friend mentioned yesterday that's she's been having problems downloading. What do you think?


Report •

Related Solutions

#4
September 14, 2006 at 09:05:27

Now I found on eother problem - if it is a problem. At the location:
c:\windows\system32\dllcache\

First, this dllcache folder is hilighted in blue while everything else is black. Second, it says it's a dllcache, but there are a lot of applications in it. and almost all ofthem have the same date: 8/4/2005 5:00am. What do you make of all of these? There's even a program called regedit.exe.


Report •

#5
September 14, 2006 at 09:40:03

suzauten, "First, this dllcache folder is hilighted in blue while everything else is black. Second, it says it's a dllcache, but there are a lot of applications in it."

That's not a problem. The reason that the folder is hilited in blue is because those files are seldom used and they're compacted. As to the many file extensions that's normal.

Tufenuf


Report •

#6
September 14, 2006 at 11:16:54

But why would a dllcache folder have a copy of regedit.exe in it? The official Windows version of regedit.exe is in c:\windows. So why would an official Windows utility be hiding in a dllcache folder? That doesn't make sense to me.

Report •

#7
September 14, 2006 at 11:56:47

suzauten, The dll cache folder contains many Windows .exe files along with .dll files and probably others. That is a good source to go to if you ever need to replace a copy of one of the Windows files. You may want to check out the link below which sort of explains it. I suggest that you leave that folder alone and don't mess with it unless you need to copy one of those files if needed.

http://support.microsoft.com/?kbid=...

More info at the many links at the link below.

http://www.google.com/search?hl=en&...

Tufenuf


Report •


Ask Question