MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Closed Thread
 
Thread Tools Display Modes
  #1  
Old 08-09-05, 15:20
msp4790 msp4790 is offline
Private E-2
 
Join Date: Aug 2005
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default IEXPLORE.exe running without browser open!!!

Hey guys, I need some help. In my task manager there is an IEXPLORE.EXE running without my Internet Explorer browser even open. I end the process and it would come back in less than 5 min. I would do this about 5+ times, and then sometimes it would stop coming back, and other times it would still keep coming. I think its probably some type of spyware or virus. I need help to remove this bug, and anything else which it brought along with it.

I have run Spybot, Microsoft Anti-Spyware, Ad-aware, Online scans like trend-micro, SysClean (by Trend Micro), and I also have Zone Alarm running to try to prevent the process from accessing the web, but I don't think any of it has worked.

I am posting my Hijack This log below.

[unrequested inline log removed -kodo]



Thanks A LOT for helping

Last edited by Kodo; 08-09-05 at 15:34..
Sponsored links
  #2  
Old 08-09-05, 15:35
Kodo's Avatar
Kodo Kodo is offline
SNATCHSQUATCH
 
Join Date: Jan 2002
Location: Syracuse NY, USA
Posts: 11,502
Thanks: 17
Thanked 72 Times in 49 Posts
Default Re: IEXPLORE.exe running without browser open!!!

Please follow the steps below:

- Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps below:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
__________________
"The American people will never knowingly adopt Socialism..." -Norman Thomas
  #3  
Old 08-09-05, 15:43
msp4790 msp4790 is offline
Private E-2
 
Join Date: Aug 2005
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: IEXPLORE.exe running without browser open!!!

I have already run all those steps in that sticky thread a few times over when I first started having that problem. They just found small spyware/adware problems which were all successfully removed. I have AVG 7.0 runnning, and its real-time scanner finds trojan droppers adn downloaders. Today it found Trojan Horse Dropper.Agent.8.B in the file C:\Windows\System32\cisvc.exe. I don't know if that has anything to do with it, but just to let u know.
  #4  
Old 08-09-05, 15:49
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,764
Thanks: 62
Thanked 7,830 Times in 4,252 Posts
Default Re: IEXPLORE.exe running without browser open!!!

If you have run ALL of the READ ME FIRST then complete the last part of Kodo's message (instructions for posting a HijackThis log).
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
  #5  
Old 08-09-05, 15:52
msp4790 msp4790 is offline
Private E-2
 
Join Date: Aug 2005
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: IEXPLORE.exe running without browser open!!!

My log file is attached.
Attached Files
File Type: log hijackthis.log (7.1 KB, 1 views)
Sponsored links
  #6  
Old 08-09-05, 16:22
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,764
Thanks: 62
Thanked 7,830 Times in 4,252 Posts
Default Re: IEXPLORE.exe running without browser open!!!

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).


Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [jbxdxrr] C:\WINDOWS\System32\jbxdxrr.exe
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab


After clicking Fix, exit HJT.

Boot into safe mode and use Windows Explorer to delete:
C:\WINDOWS\System32\jbxdxrr.exe


If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now empty your Recycle Bin. Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.

Now reboot in normal mode and post a new HJT log. And tell us how things are working.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
  #7  
Old 08-09-05, 19:04
msp4790 msp4790 is offline
Private E-2
 
Join Date: Aug 2005
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: IEXPLORE.exe running without browser open!!!

I did everything you said, and then rebooted. No signs of it yet. Here is my log file after the reboot.
Attached Files
File Type: log hijackthis.log (7.1 KB, 1 views)
  #8  
Old 08-09-05, 19:18
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,764
Thanks: 62
Thanked 7,830 Times in 4,252 Posts
Default Re: IEXPLORE.exe running without browser open!!!

The below line is still in your HJT log


O4 - HKLM\..\Run: [jbxdxrr] C:\WINDOWS\System32\jbxdxrr.exe

Did you fix it last time? Fix it again. Make sure it does not come back after a reboot.
Also make sure the file is gone.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 23:00.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


All content Copyright MajorGeeks.com source code Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger