iexplore.exe Issue in Task Manager/Trojan?

[radarseven]

Hello,

When trying to install Adobe CS3 on my WinXP Pro machine, the installer stated I must close Internet Explorer before proceeding. Because I didn't have Internet Explorer open, I opened up Task Manager and saw 2 instances of "iexplore.exe" running, one of which is using almost 170MB of memory. I am unable to End these tasks, as they just reappear. Not sure what the next step is. Virus scan and Spy Sweeper scan product no results.

I am attaching the hijackthis log file. One entry, "LOVEINTERSETUP.EXE" looks real shady to me, but when I "Fix it," it comes back upon restart.

Any help would be greatly appreciated.

Cheers,
Michael

 

[howard_hopkinso]

Your system is infected with a backdoor trojan and a lop infection.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard

This thread is for the use of radarseven only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[radarseven]

Ah, thanks for the bad news Howard!!
Sadly, I think I"ll need to do a reinstall as I use this PC forjust about everything, including online banking. Any last minute advice?

I currently run McAfee Securtiy Center (free with my broadband service) as my anti-virus and Spy Sweeper. I use Kaspersky Security Suite on my laptop,which seems to perform a little better. Any advice on a good setup after a clean install?

Thanks for your help.
Michael

 

[howard_hopkinso]

Your decision to reformat is undoubtedly the correct course of action. Disconnect from the internet and don`t reconnect until you have reinstalled your firewall software.

You`ll need to contact your bank/credit card company etc ASAP and tell them your computer has been compromised.

Personally, I`m not a fan of McAfee, perhaps you should use Kaspersky on your system as it always gets very good reviews. However, if you want to try something that`s free, then take a look at the list of programmes I recommend below.

AVG free or Avast antivirus programmes.

Zonealarm Kerio or Comodo free firewall programmes.

Spybot Search & Destroy.

Ad-Aware se personal.

Spyware Blaster.

AVG Antispyware.

Ccleaner.

Regards Howard

This thread is for the use of radarseven only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[radarseven]

Howard,

Thank you kindly for your helpful reply. I will take the appropriate actions immediately.

For clarification, am I assuming correctly that all of the free programs you list comprise a "security suite" of sorts that should all be running congruently to maximize protection? I want to make sure I have the proper line of defense this time around, and I know that you are indeed the resident expert.

Thank you again for your time and expertise.

Best regards,
Michael R.

 

[howard_hopkinso]

The only programmes you need running continually are antivirus and firewall programmes. The rest of the programmes can be run when desired, or when you suspect something`s wrong.

I suggest you read this thread HERE. It`ll help you to keep your system more secure.

Regards Howard

This thread is for the use of radarseven only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[radarseven]

Thanks again for the advice Howard.

Cheers,
Michael

 

[radarseven]

One last thought...

Since I'm in need of more drive space, I may just pop a new drive in and do a clean install on a bew drive.

With my current system drive (the corrupted one) connected as secondary drive to the machine, is there any chance of infecting/corrupting my new WinXP install on the new drive?

Hope that makes sense...

 

[howard_hopkinso]

No, you should be ok. Once you have gotten your important data off of the drive, reformat it.

Regards Howard

This thread is for the use of radarseven only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[radarseven]

Great, thanks Howard.
I'll let you know how I do!