suspicious: iexplore.exe running with no browser open

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by aikox2, Dec 12, 2004.

  1. aikox2

    aikox2 Private E-2

    I just noticed that on my son's win2K box, ZeroPopup (anti popup s/w) is running when no browser is open! Normally ZeroPopup only loads when IE is running!! I looked in running processes and saw one instance of iexplore, even though IE was not open (pc just booted up). After killing the process, ZeroPopup closed.

    I run ZeroPopup on my other pcs as well, and never saw this behavior (though I use SlimBrowser, not IE)

    I should point out that I keep things clean, run AdAware, SpyBot, CWShredder, etc., and everything is clean and normal, and the pc isn't acting up, but I found this very suspicious!!!

    Thanks for any feedback,
    Scott
     
    aikox2, Dec 12, 2004
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There are a variety of instances caused by malware that will cause an IE process to be running even though you think they are all closed.

    You should attempt to follow all the steps in this Sticky thread < READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal >

    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.

    If still having a problem after the above, you should read the tutorial in this Sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log file as an attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

    Make sure you have HJT version 1.98.2 and follow the guidelines on where to install it and how to post a log as an attachment.
     
    chaslang, Dec 12, 2004
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds