ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

iexplore.exe - be warned

(1/2) > >>

nudone:
my machine is currently infected with a trojan or something.

after startup i have a new file 'iexplore.exe' trying to access the internet - each time i delete the file and then restart, the said file has moved to a new location (please don't start announcing that iexplore.exe is internet explorer - this particular file that keeps appearing is definitely something nasty).

i looked around the web and there appears to be plenty of confusion and not particularly brilliant advice about getting rid of it - virus and trojan scanners seem to be unable to find the file if the comments on other forums i've read are correct.

here is the most helpful page i've found that deals with the problem http://www.jimmyr.com/blog/IEXPLORE_EXE_Virus_230_2006.php (not actually tried his method yet but will do in a minute).

i wouldn't make such a post but this is the first time my machine has been infected for a long time - and i can't even remember a time that my scanning software seemed completely oblivious to the fact that the machine is infected.

TucknDar:
 :( Sorry for you, but hopefully you'll get rid of it. Please post about your progress and how you got this thing on your computer in the first place.

nudone:
here's the output from the first run using the Ikarus dos scanner:


--- ---c:\windows\system32\directx.exe - Signatur 'Net-Worm.Win32.Mytob.DE' gefunden
c:\windows\system32\pxcpya64.exe - Virenverdächtige Programmsequenz gefunden
c:\windows\system32\pxcpyi64.exe - Virenverdächtige Programmsequenz gefunden
c:\windows\system32\pxinsa64.exe - Virenverdächtige Programmsequenz gefunden
c:\windows\system32\pxinsi64.exe - Virenverdächtige Programmsequenz gefunden
so, looks like the problem might be getting worse. i'll now run another scan in safemode...

(grisoft avg is still completely unaware that there is a problem.)

nudone:
nod32 doesn't appear to think there is a problem either - even with all options turned on and forced to scan the system32 folder.

it's a pity, isn't it.

kimmchii:
nod32 has improved a lot but it's still a toy, i only trust kaspersky.

download esan here:
http://www.spywareinfo.dk/download/mwav.exe

then run kavupd.exe to update the sig, it will catch everything.

Navigation

[0] Message Index

[#] Next page

Go to full version