Thread: iexplore.exe process - hidden and self renewing
View Single Post
  #3 (permalink)  
Old 10-15-2008
PA Bear [MS MVP]
 

Posts: n/a
Re: iexplore.exe process - hidden and self renewing
Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_R...:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/...moving_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in
conjuction with some other utilities). HijackThis will NOT fix anything on
its own, but it will help you to both identify and remove any
hijackware/spyware with assistance from an expert. **Post your log to
http://spywarehammer.com/simplemachi...php?board=10.0,
http://forums.spybot.info/forumdisplay.php?f=22,
http://aumha.net/viewforum.php?f=30, or another appropriate forum for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

Kaleb Buckner wrote:
> Okay, so the subject pretty much says it all. I've found that explore.exe
> will be running at all times. I will hear random page refresh clicking
> sounds. If I for whatever reason leave my computer on overnight, the next
> morning I have 1 or 2 popups there.
>
> Did a little research on this on my own, ran multiple scans with SUPER
> AntiSpyware Free Edition (I don't have the money to spend on this kind of
> thing when there are ways to do it manually). All kinds of cleanups and
> restarts, only to find it always comes back.
>
> So I did the last thing I could think to do, and that was to go through
> each of my processes manually and see google them to see what they were
> capable of doing. I did find one process, C3Gd0Ij3.exe, that returns NO
> results on google. I took the risk, ended the process tree (just in case)
> and bam, I was able to actually kill the iexplore.exe process and it
> didn't
> go all zombie on me.
>
> So I went through to find this C3Gd0Ij3.exe and related files on my
> computer and deleted them with no problems. I decided to run another full
> scan of my computer in case it was still moping around somewhere and hoped
> it was more vulnerable to removal, being offline. Well, about 4 hours
> later, the process randomly starts up again! The files I deleted are back
> and I grow weary of fighting this alone with my limited experience.
>
> So, I come asking for help. Rather lengthy post but I wanted to convey as
> much information as I could. I've not posted here before so if you could
> email me that would be great, thanks!

Reply With Quote