Not what you were looking for? Ask our experts!
Reply
Newbie
Riverotter
Posts: 3
Registered: ‎09-20-2009
Accepted Solution

iexplore.exe virus

My computer has been operating very slow for the last few days and I think I've found the cause of the problem, but I don't know how to fix it. 

 

When I hit Ctrl-Alt-Delete and look under Processes on Windows Task Manager, I notice that I get TWO items labeled "iexplore.exe" - even though I have only one browser window open.  One of them (which I think is the real one) uses up only a small amount of memory (generally less than 15,000), but the other (which I think is a virus masquerading as iexplore.exe) uses up anywhere from 70,000-200,000.  When I try to terminate the larger application, it restarts itself immediately.

 

Norton 360 cannot detect any problem.  Neither can Ad Aware.  After reading some of the posts on this forum, I downloaded Malwarebytes and it found quite a few problems that Norton 360 had overlooked, but it didn't find and solve this problem.  I also tried SuperAntiSpyware, but that program came up empty as well.

 

I've run HiJack This, but I don't see any unusual items on the list.

 

Could someone please help!!!

 

SendOfJive
Posts: 10,783
Kudos: 4,840
Solutions: 779
Registered: ‎02-07-2009

Re: iexplore.exe virus

Hi Riverrotter,

 

If you are using Internet Explorer 8, it will always have at least two processes running and sometimes more.  This is because each tab runs as a separate process as long as there is memory available to do so.  So you will have one process for the IE8 program, one for the current tab, and then additional processes that will vary in number depending upon how many tabs are open and the amount of memory that can be allocated.  If your scans are clean and you have no other symptoms of an infection then you are most likely ok.  Are there any other issues that would make you suspect malware is lingering on your system?

Newbie
Riverotter
Posts: 3
Registered: ‎09-20-2009

Re: iexplore.exe virus

Thanks SendOfJive.  I hadn't realized that. 

 

I do have one other symptom, though.  I have been getting an occasional pop-up that says:

 

"Windows Internet Explorer

 

 Are you sure that you want to navigate away from this page? 

 

  false

 

 Press OK to continue, or Cancel to stay on the current page."

 

This has been showing up randomly - maybe once or twice an hour - and it first started a few days ago.  Mostly it shows up when I'm trying to play a game of WordTwist on Facebook.  I know better than to hit either "OK" or "Cancel" when I see this sort of thing so I generally hit the "x" in the upper right hand corner and it goes away.  No harm done so far, but I don't know why it's doing this and this was the other reason that I thought something was wrong with IE.

 

 

SendOfJive
Posts: 10,783
Kudos: 4,840
Solutions: 779
Registered: ‎02-07-2009

Re: iexplore.exe virus

[ Edited ]

Hi Riverotter,

 

The navigation pop-up is a Facebook issue and is not a problem on your PC.  You can read about other people experiencing the same annoyance recently here:

 

Facebook says "Are you sure you want to navigate away from this page? false - click okay to continue...

 

EDIT: Don't know if this also might be related:

 

Facebook Confirms Site Glitches

Message Edited by SendOfJive on 09-21-2009 09:56 PM
Newbie
Riverotter
Posts: 3
Registered: ‎09-20-2009

Re: iexplore.exe virus

Thanks!  You've been a big help!
SendOfJive
Posts: 10,783
Kudos: 4,840
Solutions: 779
Registered: ‎02-07-2009

Re: iexplore.exe virus

You're welcome. 
Newbie
Posts: 1
Registered: ‎10-08-2009

Re: iexplore.exe virus

[ Edited ]

Since I cannot start a thread I thought I might share my personal experience with as many of you as I can. It all started with IE not working and spread through my system. This IS the actual conversation I had with the tech group at Norton (might seem harsh if you were not in my shoes and your computer wasn't holding up production $$$):

 

 

"Issue: A virus has attacked an office computer at my Fiance's business. This computer has Norton 360 v. 2.5 No warnings or blocks were displayed. Last update was Friday the 18, we think. I cannot open any .EXE files/programs or access the Registry.

Mr. Edward has entered room.

 Email with reconnect link has been sent to:edward.XXXXXXXXXXXX.com

 If you get disconnected, click the link to reconnect to the same chat session.

Agent has entered room.

Agent>You are being transferred to Agent.

 Agent>Welcome to NortonLive Spyware & Virus Removal Service. Is this the first time you are contacting us?

 Mr. Edward>For this instance, yes

 Agent>Please confirm your email address is edward.XXXXXXXXXX.com   and direct phone number is   XXXXXXXXXX . Is that correct?

 Mr. Edward>yes it is.

 Agent>Please provide me your alternate phone number or mobile number.

 Mr. Edward>This is my cell... You can call XXXXXXXXXX if that wont work

 Agent>Are you connected from the computer which has this particular issue?

 Mr. Edward>No... As stated in the initial message no .exe files/programs can be accessed with that computer

 Mr. Edward>Whatever Norton missed was a bad one... Almost happened to my home computer as well.

 Mr. Edward>I have 2009 on that... I had to manually stop the virus... Norton did nothing

 Agent>Are you near the computer and are you able to connect to the Internet from it?

 Mr. Edward>NO

 Agent>Is your computer connected to a local area network or it is a stand-alone PC?

 Mr. Edward>I am across the way, but it will not open anything

 Mr. Edward>even in safe mode

 Mr. Edward>no EXE's can be used

 Mr. Edward>norton/IE/REGEDIT, nothing

 Agent>Your Priority ID is  XXXXXXXX   . Please note down your Priority ID. If you need to contact us in the future about this issue, you can provide your Priority ID to the chat agent or enter it if you call. This will expedite our handling of your case.

 Agent>As I understand from your issue description,your computer is infected with virus.Am I correct?

 Mr. Edward>I would assume you are correct. You're the expert

 Agent>Yes.

 Mr. Edward>I dont mean to be impatient, but this is costing her down time... This is a small business and down time is $$$

 Mr. Edward>We purchased Norton to stop this type of attack... So far not proving veryy usefull

 Agent>We can help you only if you have Internet access on the infected computer.

 Mr. Edward>Cool. So as long as I cant get to Norton or the internet the computer is fried???

 Mr. Edward>Does that mean she gets her money back for the software?

 Agent>If you have concerns related to the product I will transfer you to the product team.

 Agent>I will now transfer this session to the Technical Support Team, who will assist you further with this issue.

 Please note that, you can also connect to them directly by visiting http://www.symantec.com/supportoptions

 It has been pleasure working with you, thank you for using Norton; have a great day.

 Please wait while I connect you to the Technical Support Team. This normally takes between 2 to 5 minutes.

 Agent>Please wait, while the issue is escalated to another analyst.

 

 Agent has entered room.

 Agent>Welcome to Norton Support, my name is Hari, Can I please have a minute or two to go through the information you have provided?

 Mr. Edward>No problem... Hopefully yo uwill be able to get me a little further than I have been so far.

 Agent>Thanks, your case number is XXXXXXXXX   , please write this down.

 Agent>Are you suspecting any virus or spy ware threat?

 Mr. Edward>As stated above, the computer has been hit with a virus. No spyware.

 Mr. Edward>I am not able to open any programs

 Mr. Edward>Not even in safe mode

 Agent>May I confirm the issue you are encountering is that you are not able to any program?

 Mr. Edward>Already did system restore and removed as many of the infected files as possible.

 Mr. Edward>I am not able to open programs/Norton/Regedit

 Mr. Edward>You are correct

 Agent>I will help you to resolve the issue.

 Agent>If we get disconnected for any reason, we’ll call you back within 30 minutes. Can I check that the phone number you have provided is the best number to call you on?

 Mr. Edward>XXXXXXXXXX

 Agent>Thank You.

 Agent>Are you chatting with me from the computer that has the issue?

 Mr. Edward>Did you read what was written above??

 Mr. Edward>I cannot open the internet from that computer

 Mr. Edward>That is why the first person would not help

 Agent>Edward,Please uninstall Norotn from the other computer and check if the issue exists.

 Agent>Is the issue exists,please contact your computer vendor to get the issue resolved.

 Agent>Is there anything else that I can help you with?

 Mr. Edward>So what you are saying is that Norton cannot fix the issue? The software that she purchased for this reason did not do its job?

 Agent>Edward,PLease check if the issue exists after uninstalling Norton from your computer.

 Mr. Edward>And if it still exists then what? I wont get another chance to get you on the line, so I need some answers. If it still exists then we have an issue here.

 Agent>If the issue exists even after uninstalling Norton from your computer,please cotatct  your computer vendor.

 Mr. Edward>The issue is that Norton did not catch the threat and she has been down for the day because of it.

 Agent>If your issue still exists,please contact us back and we will help you.

 Mr. Edward>You are not answering the question I have asked. Norton did not do what it was supposed to do here?

 Mr. Edward>OK. I am officially writting it down that I am not pleased with the interaction today and will be removing Norton from all of the computers I on, along with having anyone I have refered to you switch as well

 Mr. Edward>I have had increasing issues with your software and have been unhappy for some time now anyway.

 Mr. Edward>Thank you for your assistance with making my decission

 Agent>Edward,The issue your are encountering is the issue not related to Norotn.

 Agent>We suggest you to uninstall and check if your issue exists.

 Mr. Edward>It is actually. Norton did not catch the virus, so it IS Norton that caused the issue

 Mr. Edward>It is dirrectly related to how affective Norton is at doing its job

 Agent>Edward, Norotn  will protect your computer from all type of virus and the error occurred due to some windows error .

 Agent>Edward,Are you suspecting any virus or spyware threat on your computer?

 Mr. Edward>NO. The computer contracted a virus while on the internet and it propogated itself... Called Windows Police Pro... Ever heard of it???

 Mr. Edward>I already said YES to that wquestion twice. This is the third yes

 Agent>Edward,From looking at your computer it appears that your computer may be infected by a virus.

To help you with removing this virus off your computer what I can do for you is to transfer you across to our Virus Removal specialist team.

 Would this be ok with you?

 Mr. Edward>If they can help me without connecting to the computer, then yes I would

 Mr. Edward>Remember, the computer will not connect to the internet at this time

 Agent>Please wait, while the issue is escalated to another analyst.

 

 

Agent has entered room.

Agent>Welcome to NortonLive Spyware & Virus Removal Service.

 Is this the first time you are contacting us?

 Mr. Edward>Agent, have you had a chance to read through the above correspondence?

 Mr. Edward>I need more than scripted answers... you are the third person I am speaking to so far

 Agent>Sure. Please verify your email address for quality assurance..

 Mr. Edward>edwad.XXXXXXXXX.com

 Agent>Please provide me your alternate phone number or mobile number.

 Mr. Edward>XXXXXXXXXX

Agent>Your Priority ID is  XXXXXXXXX   . Please note down your Priority ID.

 Agent>Is your computer connected to a local area network or it is a stand-alone PC?

 Mr. Edward>It is connected to the internet, but as stated above will not open Internet Explorer because of the virus and what it did to the registry

Mr. Edward>I cannot open the registry either

 Mr. Edward>Windows Police Pro is what the virus placed on the computer, with almost 50 other files

 Agent>As I understand from your case description Your system is infected with Windows Police Pro and you are not able to access internet from the infected pc. Is that correct?

 Mr. Edward>yes

 Mr. Edward>All .EXE files are not able to be opened

 Mr. Edward>Computer is opperational otherwise

 Agent>Are you able to access to any sites like Google?

 Mr. Edward>I CANNOT OPEN INTERNET EXPLORER or any other programs like NORTON or REGEDIT

 Mr. Edward>I also tried in safe mode.

 Mr. Edward>The computer has a virus that Norton did not catch, stop or fix... Now what do we do???

 Agent>Edward, in this case I would recommend you to contact a local technician or systems vendor.Sine you are not able to access internet we can not take remote access and to remove the infection

 Mr. Edward>Who will pay for such a thing? That's why we purchased your software.

 Mr. Edward>Agent, This is why I asked you to read the other correspondence before we started. Then we wouldn't have wasted all this time getting to this point.

 Mr. Edward>You are the third person to give me the exact same service... with the exact same script.

 Agent>I do understand your concern, for virus removal we need to take remote access. Without taking remote we can not do anything.

 Mr. Edward>Right, so my question would be, who pays for the guy that has to come here to do what your software was supposed to do in the first place?

 Mr. Edward>Out of all the attacks I have had, about 50% make it right past your software and I end up having to reload windows...

 Agent>Norton most probably is working well on your computer. But it’s also important to note that no security software can afford you 100% protection. This is because a lot of environmental variables, the vulnerabilities of Windows and the software’s/applications on your computer play a pivotal role in keeping your computer secure. If there is any level of insecurity or any security holes, the possibility of a security breach is always present.

 Mr. Edward>But if I run the software inspection tool and it comes back OK and tells me that my computer is good for security I should be OK. Norton had one software to cover. Internet explorer.

 Mr. Edward>Basically I am saying that I am not satisfied with your product anymore. I have been using it for 6 years now... I would be naive to think it will catch 100%, but so far it hasnt even done 10% in this case

 AGent>Is there anything else I can help you with?

 Mr. Edward>This computer has been attacked several times, without so much as a warning from Norton

 Mr. Edward>Yes. You can log an official complaint for me

 Mr. Edward>You are telling me that through no fault of my own I need to spend money to fix what your software was designed to stop.

 Agent>Okay.

 Agent>If you need to contact NortonLive Spyware & Virus Removal Service again please visit http://www.symantec.com/vremoval

 It has been pleasure assisting you. Thank you for choosing NortonLive. Have a great day.

 Mr. Edward>I would like all 3 of the agents today mentioned in this complaint

 Mr. Edward>I will also make sure to email corporate

 Agent>Sure.

 Mr. Edward>I will copy this conversation and place it in a text file for there reading purposes

 Mr. Edward>Thank you for helping 20 customers move to another antivirus software

 Mr. Edward>Have a great day."

 

Nothing was said and I have since moved my 4 computers, the entire network at my Fiance's office and many of my friends to a new anti-virus software.

I found out later that this virus was a WELL KNOWN virus that Norton should have easily stopped.

 

Hope this helps someone!!

 

[edit:Please do not post personal information such as names or ID numbers per the  Participation Guidelines and Terms of Service.]

 

 

Message Edited by shannons on 10-08-2009 10:59 AM