Inactive Iexplore.exe virus - 8 Steps Completed with Logs

Status
Not open for further replies.

pope1605

Posts: 6   +0
Attached are the logs requested via 8 Steps.

This virus is the iexplore.exe virus that is running without IE being ran. The mem usage is up over 120,000K when it happens. Thank you very much for your help.

Brian Pope
 

Attachments

  • POPE_mbam-log-2010-03-30 (19-39-58).txt
    969 bytes · Views: 1
  • POPE_SUPERAntiSpyware Scan Log - 03-30-2010 - 20-43-05.txt
    60.3 KB · Views: 1
  • POPE_hijackthis.txt
    16.9 KB · Views: 1
Good Morning, Brian! Let's take it from the top:

You have 2 antivirus programs running: Symantec and Avast. Please decide which you want to keep and remove the other. Multiple AV programs can actually leave the system more vulnerable as well as slow it down. Here are tools for removal of each- choose the one you don't want, download and run it:
  • Norton Removal Tool
  • To uninstall Avira:
  • Start> Settings> Control Panel> Add or Remove Programs (Windows 2000/ XP) or Start - Control Panel - Uninstall a program (Windows Vista / 7)
  • Wait for the list of installed programs to load, then click the name of the Avira program.
  • Click Remove next to the program's name (Windows 2000 / XP) or in the menu above the list (Windows Vista / 7).
  • Press Yes, to confirm the removal and then OK.
  • . Click Next until Finish. The software is removed.

1. If you are referring to multiple iexplore.exe processes running, that's normal with IE8. but malware can hide as almost any name.
2. You have almost 800 Tracking Cookies. I will have you reset the Cookies to prevent them, but this is often a sign of poor maintenance.
3. There are 2 AOL dial-up entries, but you name server indicates you have a router:
C:\Program Files\Common Files\AOL\1146363028\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1146363028\ee\AOLServiceHost.exe


AOLServiceHost.exe is known to cause high CPU usage so if you are not using AOL dial-up, check these 2 processes for removal in HJT. (Reopoen HJT to system scan only> check the 2 processes> click on Fix Checked.

Please rescan with HijackThis and paste in a new log after finishing the above. Let me know if you notice a change in the CPU and if there are any other possibly malware realted problems.
 
Status
Not open for further replies.
Back