TechSpot

Iexplore.exe virus - 8 Steps Completed with Logs

Inactive
By pope1605
Mar 31, 2010
Topic Status:
Not open for further replies.
  1. Attached are the logs requested via 8 Steps.

    This virus is the iexplore.exe virus that is running without IE being ran. The mem usage is up over 120,000K when it happens. Thank you very much for your help.

    Brian Pope

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Good Morning, Brian! Let's take it from the top:

    You have 2 antivirus programs running: Symantec and Avast. Please decide which you want to keep and remove the other. Multiple AV programs can actually leave the system more vulnerable as well as slow it down. Here are tools for removal of each- choose the one you don't want, download and run it:
    • Norton Removal Tool
    • To uninstall Avira:
    • Start> Settings> Control Panel> Add or Remove Programs (Windows 2000/ XP) or Start - Control Panel - Uninstall a program (Windows Vista / 7)
    • Wait for the list of installed programs to load, then click the name of the Avira program.
    • Click Remove next to the program's name (Windows 2000 / XP) or in the menu above the list (Windows Vista / 7).
    • Press Yes, to confirm the removal and then OK.
    • . Click Next until Finish. The software is removed.

    1. If you are referring to multiple iexplore.exe processes running, that's normal with IE8. but malware can hide as almost any name.
    2. You have almost 800 Tracking Cookies. I will have you reset the Cookies to prevent them, but this is often a sign of poor maintenance.
    3. There are 2 AOL dial-up entries, but you name server indicates you have a router:
    C:\Program Files\Common Files\AOL\1146363028\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1146363028\ee\AOLServiceHost.exe


    AOLServiceHost.exe is known to cause high CPU usage so if you are not using AOL dial-up, check these 2 processes for removal in HJT. (Reopoen HJT to system scan only> check the 2 processes> click on Fix Checked.

    Please rescan with HijackThis and paste in a new log after finishing the above. Let me know if you notice a change in the CPU and if there are any other possibly malware realted problems.
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Thread closed due to inactivity.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.