BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Iexplore.exe virus
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Iexplore.exe virus  
Forum Quick Jump
 
New Topic Locked Topic Printable version of : Iexplore.exe virus
[ << Previous Thread | Next Thread >> ]

Willis22
New Member


Date Joined Dec 2008
Total Posts : 1
 
   Posted 12/3/2008 6:27 PM (GMT +3)    Quote: Iexplore.exe virusAlert an admin about: Iexplore.exe virus
I have a virus from iexplore.exe, which runs multiple copies at the same time slowing down my computer, and also opens pop-ups. This is the hjt log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:07:55 AM, on 12/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Prevx2\PXAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.co.uk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Army browse cdrom vga] C:\Documents and Settings\All Users\Application Data\Mfcd upload army browse\Tons rdr.exe
O4 - HKCU\..\Run: [Multi pop] C:\DOCUME~1\Will\APPLIC~1\TRANSC~1\PeakBrowse.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PREVXAgent - Prevx - C:\Program Files\Prevx2\PXAgent.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 12/3/2008 6:59 PM (GMT +3)    Quote: Iexplore.exe virusAlert an admin about: Iexplore.exe virus
Hello smile
 
 
Download LopSD by Eric_71 and save it to your desktop.
Lop S&D will only run on Windows XP and Windows Vista

Disable your
antivirus and antimalware programs so they do not interfere with the running of Lop S&D.
 Double-click LopSD.exe
  • Choose the language by typing of the corresponding letter and press Enter
  • Click OK at the informative window
  • Type 2 to choose Option 2 (Fix + Hosts), then press Enter
  • Wait until the end of the scan
  • A report will be generated, post the contents of it in your next reply.


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

Willis22
New Member


Date Joined Dec 2008
Total Posts : 1
 
   Posted 12/3/2008 8:12 PM (GMT +3)    Quote: Iexplore.exe virusAlert an admin about: Iexplore.exe virus
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A14
USER : Will ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 antivirus system 2.70 2.70 (Activated)
C:\ (Local Disk) - NTFS - Total:110 Go (Free:17 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : ( Wed 12/03/2008|11:57 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\WINDOWS\Tasks\B529E1EE9BF29252.job
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse\media frag.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse\Tons rdr.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\cqdcufum.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\dndawjeq.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\FASTFOURMAPI.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\fnelwxfk.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\gtzjpyyy.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\jzxhupdz.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\kpktmvnp.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\kvvshygj.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\mdghxdhw.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\nijefgjr.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\osdwhhko.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\PeakBrowse.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\pptupstx.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\rfehxvkb.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\rishqjdf.exe
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1\wzyesxqe.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse
Deleted! - C:\DOCUME~1\Will\APPLIC~1\transc~1
Deleted! - C:\Program Files\transc~1
Deleted! - C:\Program Files\WinZix
-
[ Hosts file ] .. Restored!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[09/06/2007|05:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[01/28/2008|04:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft

[11/03/2008|03:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[04/17/2008|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ALM
[09/07/2007|05:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[09/07/2007|05:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[11/29/2007|03:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[09/03/2008|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[10/27/2008|05:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[10/10/2008|04:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[08/20/2008|02:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
[09/07/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NVIDIA
[09/06/2007|05:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> nView_Profiles
[08/08/2008|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
[10/30/2008|03:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Prevx
[09/03/2008|02:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[09/06/2007|06:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[09/03/2008|02:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZip

[09/06/2007|05:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[09/06/2007|07:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[05/12/2008|01:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> WTablet

[09/06/2007|05:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[10/23/2008|05:36] C:\DOCUME~1\Will\APPLIC~1\<DIR> Adobe
[11/22/2007|07:36] C:\DOCUME~1\Will\APPLIC~1\<DIR> Aim
[11/14/2007|06:22] C:\DOCUME~1\Will\APPLIC~1\<DIR> Apple Computer
[02/25/2008|05:34] C:\DOCUME~1\Will\APPLIC~1\<DIR> dvdcss
[08/31/2008|04:05] C:\DOCUME~1\Will\APPLIC~1\<DIR> Google
[04/22/2008|05:59] C:\DOCUME~1\Will\APPLIC~1\<DIR> gtk-2.0
[09/08/2008|10:21] C:\DOCUME~1\Will\APPLIC~1\<DIR> HorizonWimba
[09/06/2007|05:57] C:\DOCUME~1\Will\APPLIC~1\<DIR> Identities
[09/06/2007|06:46] C:\DOCUME~1\Will\APPLIC~1\<DIR> Macromedia
[07/19/2008|11:48] C:\DOCUME~1\Will\APPLIC~1\<DIR> Media Player Classic
[09/03/2008|02:02] C:\DOCUME~1\Will\APPLIC~1\<DIR> Microsoft
[05/08/2008|12:47] C:\DOCUME~1\Will\APPLIC~1\<DIR> Move Networks
[09/06/2007|05:59] C:\DOCUME~1\Will\APPLIC~1\<DIR> Mozilla
[09/08/2008|10:21] C:\DOCUME~1\Will\APPLIC~1\<DIR> Sun
[09/15/2008|05:10] C:\DOCUME~1\Will\APPLIC~1\<DIR> Uniblue
[12/03/2008|10:02] C:\DOCUME~1\Will\APPLIC~1\<DIR> uTorrent
[09/07/2007|12:40] C:\DOCUME~1\Will\APPLIC~1\<DIR> vlc
[12/02/2008|05:57] C:\DOCUME~1\Will\APPLIC~1\<DIR> WTablet

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[12/02/2008 05:57 PM][--a------] C:\WINDOWS\tasks\RegCure Program Check.job
[11/26/2008 10:04 PM][--a------] C:\WINDOWS\tasks\RegCure.job
[12/01/2008 09:42 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/02/2008 05:53 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/01/2006 07:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[09/06/2007|03:01] C:\Program Files\<DIR> 7-Zip
[10/03/2007|03:53] C:\Program Files\<DIR> AC3Filter
[02/07/2008|04:02] C:\Program Files\<DIR> Acoustica Shared Effects
[09/03/2008|06:47] C:\Program Files\<DIR> Adobe
[07/12/2008|11:42] C:\Program Files\<DIR> Adobe Media Player
[09/07/2007|05:19] C:\Program Files\<DIR> Apple Software Update
[02/07/2008|04:27] C:\Program Files\<DIR> ASIO4ALL v2
[02/06/2008|01:49] C:\Program Files\<DIR> Audacity
[04/17/2008|11:29] C:\Program Files\<DIR> Bonjour
[10/27/2008|05:26] C:\Program Files\<DIR> Common Files
[09/06/2007|05:44] C:\Program Files\<DIR> ComPlus Applications
[09/06/2007|06:14] C:\Program Files\<DIR> CONEXANT
[04/27/2008|02:23] C:\Program Files\<DIR> Corel
[05/19/2008|11:43] C:\Program Files\<DIR> DAZ
[09/06/2007|06:17] C:\Program Files\<DIR> Dell
[09/06/2007|05:05] C:\Program Files\<DIR> DIFX
[02/02/2008|11:27] C:\Program Files\<DIR> DivX
[05/21/2008|10:00] C:\Program Files\<DIR> ESET
[09/06/2007|05:48] C:\Program Files\<DIR> eXPerience
[10/03/2007|03:53] C:\Program Files\<DIR> ffdshow
[10/05/2007|06:14] C:\Program Files\<DIR> Full Tilt Poker.Net
[09/05/2008|05:18] C:\Program Files\<DIR> Google
[06/02/2008|04:04] C:\Program Files\<DIR> Hewlett-Packard
[08/06/2008|11:10] C:\Program Files\<DIR> HP
[09/03/2008|02:05] C:\Program Files\<DIR> Image-Line
[02/13/2008|05:56] C:\Program Files\<DIR> InstallShield Installation Information
[10/14/2008|09:09] C:\Program Files\<DIR> Internet Explorer
[09/07/2007|05:20] C:\Program Files\<DIR> iPod
[09/07/2007|05:20] C:\Program Files\<DIR> iTunes
[09/08/2008|10:20] C:\Program Files\<DIR> Java
[09/06/2007|06:55] C:\Program Files\<DIR> MagicISO
[08/12/2008|09:02] C:\Program Files\<DIR> Messenger
[09/24/2008|01:14] C:\Program Files\<DIR> Microsoft IntelliPoint
[09/06/2007|07:06] C:\Program Files\<DIR> Microsoft Office
[02/13/2008|05:56] C:\Program Files\<DIR> Microsoft Reader
[09/06/2007|07:06] C:\Program Files\<DIR> Microsoft Visual Studio
[09/06/2007|07:04] C:\Program Files\<DIR> Microsoft Visual Studio 8
[09/06/2007|07:07] C:\Program Files\<DIR> Microsoft Works
[09/06/2007|07:05] C:\Program Files\<DIR> Microsoft.NET
[10/03/2007|03:53] C:\Program Files\<DIR> Morgan
[09/06/2007|05:45] C:\Program Files\<DIR> Movie Maker
[12/03/2008|11:44] C:\Program Files\<DIR> Mozilla Firefox
[02/17/2008|04:05] C:\Program Files\<DIR> MPlayer-1.0rc2-gui
[09/06/2007|07:06] C:\Program Files\<DIR> MSBuild
[09/06/2007|05:42] C:\Program Files\<DIR> MSN
[09/06/2007|05:43] C:\Program Files\<DIR> MSN Gaming Zone
[09/06/2007|05:52] C:\Program Files\<DIR> MSN Messenger
[10/28/2008|10:00] C:\Program Files\<DIR> MSXML 4.0
[09/06/2007|03:04] C:\Program Files\<DIR> MSXML 6.0
[09/06/2007|05:45] C:\Program Files\<DIR> NetMeeting
[10/01/2007|07:26] C:\Program Files\<DIR> New Folder
[04/27/2008|02:22] C:\Program Files\<DIR> nik Color Efex Pro 2.0 GE
[09/06/2007|07:03] C:\Program Files\<DIR> Online Services
[09/06/2007|06:01] C:\Program Files\<DIR> Outlook Express
[09/06/2007|06:33] C:\Program Files\<DIR> PowerISO
[12/02/2008|05:54] C:\Program Files\<DIR> Prevx2
[04/17/2008|08:55] C:\Program Files\<DIR> QuickTime
[09/06/2007|06:19] C:\Program Files\<DIR> Reference Assemblies
[10/10/2008|04:39] C:\Program Files\<DIR> RegCure
[09/06/2007|06:40] C:\Program Files\<DIR> Sigmatel
[09/03/2008|02:00] C:\Program Files\<DIR> Spybot - Search & Destroy
[01/28/2008|06:55] C:\Program Files\<DIR> Starcraft
[10/23/2008|12:56] C:\Program Files\<DIR> Steam
[09/06/2007|04:11] C:\Program Files\<DIR> Synaptics
[05/07/2008|03:53] C:\Program Files\<DIR> Tablet
[12/03/2008|10:07] C:\Program Files\<DIR> Trend Micro
[09/06/2007|05:51] C:\Program Files\<DIR> Uninstall Information
[05/08/2008|06:50] C:\Program Files\<DIR> uTorrent
[01/06/2008|06:45] C:\Program Files\<DIR> VideoLAN
[09/03/2008|02:01] C:\Program Files\<DIR> VstPlugins
[09/18/2007|03:50] C:\Program Files\<DIR> Windows Media Connect 2
[09/06/2007|06:18] C:\Program Files\<DIR> Windows Media Player
[09/06/2007|05:43] C:\Program Files\<DIR> Windows NT
[09/06/2007|05:46] C:\Program Files\<DIR> WindowsUpdate
[09/06/2007|05:52] C:\Program Files\<DIR> WPIclose
[10/03/2007|03:52] C:\Program Files\<DIR> XviD
[10/10/2008|04:09] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[09/03/2008|06:46] C:\Program Files\Common Files\<DIR> Adobe
[07/12/2008|11:42] C:\Program Files\Common Files\<DIR> Adobe AIR
[09/07/2007|05:19] C:\Program Files\Common Files\<DIR> Apple
[10/07/2007|09:25] C:\Program Files\Common Files\<DIR> Blizzard Entertainment
[05/19/2008|11:43] C:\Program Files\Common Files\<DIR> DAZ
[09/06/2007|07:06] C:\Program Files\Common Files\<DIR> DESIGNER
[08/08/2008|09:27] C:\Program Files\Common Files\<DIR> Hewlett-Packard
[10/27/2008|05:26] C:\Program Files\Common Files\<DIR> HP
[09/06/2007|05:06] C:\Program Files\Common Files\<DIR> InstallShield
[09/08/2008|10:20] C:\Program Files\Common Files\<DIR> Java
[04/17/2008|11:18] C:\Program Files\Common Files\<DIR> Macrovision Shared
[05/19/2008|11:46] C:\Program Files\Common Files\<DIR> Microsoft Shared
[09/06/2007|05:45] C:\Program Files\Common Files\<DIR> MSSoap
[09/06/2007|06:36] C:\Program Files\Common Files\<DIR> ODBC
[09/06/2007|05:45] C:\Program Files\Common Files\<DIR> Services
[09/06/2007|06:36] C:\Program Files\Common Files\<DIR> SpeechEngines
[06/02/2008|04:03] C:\Program Files\Common Files\<DIR> SWF Studio
[09/06/2007|07:03] C:\Program Files\Common Files\<DIR> System

--------------------\\ Process

( 38 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-03 12:00:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Will\Application Data\uTorrent\Adobe Photoshop CS3 v10.0 Extended Incl Keygen.torrent
C:\DOCUME~1\Will\Application Data\uTorrent\ADOBE.ILLUSTRATOR.CS3 (with CRACK).torrent
C:\DOCUME~1\Will\My Documents\Downloads\Adobe Photoshop CS3 v10.0 Extended Incl Keygen
C:\DOCUME~1\Will\My Documents\Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)
C:\DOCUME~1\Will\My Documents\Downloads\RegCure 1.5.0.0 + Crack
C:\DOCUME~1\Will\My Documents\Downloads\Adobe Photoshop CS3 v10.0 Extended Incl Keygen\Adobe Photoshop CS3 v10.0 Extended Incl Keygen.daa
C:\DOCUME~1\Will\My Documents\Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).daa
C:\DOCUME~1\Will\My Documents\Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).nfo
C:\DOCUME~1\Will\My Documents\Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\Will\My Documents\Downloads\League of Extraordinary Gentlemen\League of Extraordinary Gentlemen v2 #005\The League Of Extraordinary Gentlemen Vol 2 #05 of 6\TheLeagueOfExtraordinaryGentlemenV2#05-comicrack.nfo
C:\DOCUME~1\Will\My Documents\Downloads\Mofro\Blackwater\08 Cracka Break.mp3
C:\DOCUME~1\Will\My Documents\Downloads\Notorious BIG\Greatest Hits\09-ten_crack_commandments.mp3
C:\DOCUME~1\Will\My Documents\Downloads\Notorious BIG\Life After Death\Disc 2\Notorious B.I.G. - Ten Crack Commandments.mp3
C:\DOCUME~1\Will\My Documents\Downloads\RegCure 1.5.0.0 + Crack\RegCure 1.5.0.0 + Crack
C:\DOCUME~1\Will\My Documents\Downloads\RegCure 1.5.0.0 + Crack\RegCure 1.5.0.0 + Crack.rar
C:\DOCUME~1\Will\My Documents\Downloads\RegCure 1.5.0.0 + Crack\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\Will\My Documents\Downloads\RegCure 1.5.0.0 + Crack\RegCure 1.5.0.0 + Crack\CRACK
C:\DOCUME~1\Will\My Documents\Downloads\RegCure 1.5.0.0 + Crack\RegCure 1.5.0.0 + Crack\RegCure 1.5.0.0 Trial.exe
C:\DOCUME~1\Will\My Documents\Downloads\RegCure 1.5.0.0 + Crack\RegCure 1.5.0.0 + Crack\CRACK\info.txt


[F:1718][D:395]-> C:\DOCUME~1\Will\LOCALS~1\Temp
[F:149][D:0]-> C:\DOCUME~1\Will\Cookies
[F:5377][D:20]-> C:\DOCUME~1\Will\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Wed 12/03/2008|12:02 - Option :

--------------------\\ Scan completed at 12:02:40
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 12/3/2008 9:43 PM (GMT +3)    Quote: Iexplore.exe virusAlert an admin about: Iexplore.exe virus
"I'm sorry, but we do not support piracy. Due to the fact that your logfile clearly shows you have atleast one known crack/keygen, we will not help you. This is the price you pay and the chance you take when you make the decision to side step payment to the author. Obviously you find the programs  to be useful; you should consider paying for it in the future. If you are not comfortable paying for the software, it's recommended you find another program that does not require payment. Cracking software via patches and/or keygens is generally frowned upon, not to mention illegal in most countries."

I´ll therefore lock this topic


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 
New Topic Locked Topic Printable version of : Iexplore.exe virus
 
Forum Information
Currently it is Tuesday, September 02, 2014 4:53 AM (GMT +3)
There are a total of 60,585 posts in 13,313 threads.
In the last 3 days there were 1 new threads and 5 reply posts. View Active Threads
Who's Online
This forum has 36299 registered members. Please welcome our newest member, Mercedes Ripple.
4 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Bullguard Backup: 3 GB of files are "missing" but freespace calcuation seems to think they (3)8/31/2014 11:20:08 PM (Robert Mateescu)
Blocking of sites (5)8/31/2014 6:53:45 PM (Robert Mateescu)
Bullguard 2014 Firewall and high DPC latency (15)8/30/2014 12:06:05 PM (ComFox)