Cannot Remove Hidden iexplore.exe

Microsoft Windows vista home premium - 3...
August 16, 2010 at 23:17:25
Specs: Windows Vista
Hello,
After numerous scans with various anti-virus/adware programs I have found that iexplore.exe continually runs after I shut the program via Task Manager. I have seen a few threads dealing with the issue, however I have been unable to rectify the situation on my own.
Any help would be greatly appreciated.
Thank you,

See More: Cannot Remove Hidden iexplore.exe

Report •


#1
August 17, 2010 at 08:53:27
What have you tried scanning with, and what version of IE are you running?. I've read that in IE 8 it's normal to have two instances of that program running, and each new tab will open a new process. If you're running an older version, try resetting Internet Explorer by going to Tools > Options > Advanced and click on "Reset" to see if that solves the problem.

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#2
August 18, 2010 at 08:49:57
Hello,
Thank you for your reply.
I have scanned with Spybot, Ad-Aware, AVG, and Kapersky online.
AVG found a two trojans and promptly quarantined them
I do not use IE for my browser, I use Mozilla or Chrome. IE is installed for specific work purposes.
Currently I am using IE 7. I followed the link you posted and used normal startup in my msconfig.
So far nothing has worked, the program is still runs after I 'end process' in the task manager.

Report •

#3
August 18, 2010 at 11:02:37
Hi, I would try first running Rkill found here: http://download.bleepingcomputer.co... after it finishes scanning, please DO NOT reboot, as this will cause whatever malicious process there is to reappear (Rk ill is a malicious process ender), then please update, and do a scan with Malware Bytes: http://download.cnet.com/Malwarebyt... to see what else it may find.

Also, do you remember the names of the two trojans it happened to quarantine?.. If not, please look at the log of quarantined files by going to History > Virus Vault, there it should list the names of what was recently quarantined.

Helpful tips before getting started: http://www.computing.net/howtos/sho...</


Report •

Related Solutions

#4
August 20, 2010 at 05:13:15
Hello,
I thought I submitted a follow up last night. I must have not clicked the proper button.
First, the program is connecting to various websites including Google, and Akamai technologies, I am certain it is being used for DOS attacks. I found out the Foreign IP's that it was connecting through via Windows Defender
Second I ran Rkill.
The program did not find any malicious process to kill. Malwarebytes consistently crashed 5 times at 3 seconds into any scan.
I have had luck by taking ownership of the file via properties, and denying all of the permissions for "SYSTEM"
However, this is just a work around nothing has actually been removed. At least I know that right now my comp is not being used as a zombie.
Thank you,

Report •

#5
August 24, 2010 at 22:08:07
You're welcome. Have you tried scanning with Malware Bytes in Safe Mode?.. Which, might fix the crashing problem.

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#6
September 26, 2010 at 10:29:50
can you please tell me exactly how you "took ownership of the file"? bec i've been hit by the same virus but it doesn't show up in task manager anywhere when i first deleted it. and tho a file of the same name appears when i search the computer, the file locations lists a folder in my computer that no longer exists/i've long deleted. please help coz it's a really nasty bugger. now it's totally hijacked my internet connection and i can't do anything and yet the counters show that data is being sent to and from my computer. help please!

Report •

Ask Question