Not open for further replies.
Infection date and initial symptoms
8th Febuary 2015

PLease note that all symptoms are occuring WITHOUT having to open IE.
I only have used firefox/chrome.

Firefox being extremely slow (not ALL the time but sometimes)
Explorer(not internet, the file explorer) being slow sotimes (Note: This has been the case with my Laptop from time to time)

I checked to find in my Taks Manger (Showing processes of all users)
that there were 26 i.explore.exe processes all consisting of 110-120KB!

ALL of the 26 processes were found under the location of

Programme Files/Internet Explorer/ i.explore.exe

Ulike the repots on this threads or other websites such as youtube I do not get any
NO popups/redirections/ scareware ish ads for a AntiVirus/Malware software
in Firefox or Chrome (Havent used IE to check)

And also although I think its a hadware failure, the sound completely stops randomly
after about 5-10 minutes of playing a video in Youtube( according to the speaker on the bottom right, its still is playing sound and when External speakers/earphones were used there are no problems)
Current issues and symptoms
After all the removal attempts, I restarted. On startup I always get the TRDC Reminder which froze when I try to click close (probably because I was rushing) and before I did anything-else I booted the task manager to find iexplore.exe running.

But iexplore.exe suddently stopped running in background (n.b. without opening the IE Browser)after running FRST64.exe for some reason

To double check i booted the IE Browser. in the task manager,
IE browser a new process appears the file location is as follows

C:\Program Files (x86)\iexplore.exe*82

When IE brower is opened, the iexplore.exe that reappears in the taskmanger
and increases its size to 8,900 kb - 9,00kb (constantly but randomly changing the sizeeven when the browser is staying on google uk homepage) and the iexplore.exe disappears when the browser is closed and has not come back yet so far.

The Firefox Browser seemt ohave no visible changes, still NO redirections no scareware adds
or popups as I have seen in othe reports.
Steps taken in order to remove the infection
foce ending the iexplore.exe manually one by one
(got rid of duplicates but found always one remained untill
the fore-mentioned FRST which IfI recall correctly is just makes a report
so its a mystery)
___Run Under Normal Mode_____
1) AdwCleaner (Have attached the latest scan log)
2) AVG 2015 Free Edition (Did not found anything)
3) ECshield on all External HDD and C+D Drives

______Run under Safe-Mode_____
3) Super AntiSpyware Free Edition- Found a lot of Cookie Trackers but Spybot seems to have got rid of the logs as I cannot locate it wthin the log section
4) Spybot - Will attach
5) CC Cleaner


Former MalwareTips Staff
C:\Program Files (x86)\iexplore.exe*32 is legitimate file.
It's part of the tab crash/isolation process. Tabs run in separate instances. Nothing to worry about.

Logs doesn't show active infection.


New Member
how about the iexplore.exe without the *32? is that also a legitimate internet explorer process? just wanted your clarification


New Member
Hmm I just got back from work and checked the processes by all users and seeing multiple iexplore.exe again (this time only 5) (it was put to sleep when I was working)

the location is once again for ALL the mulitple processes are in C:\Program Files (x86)\iexplore.exe

could you explain
1)why both iexplore.exe and iexplore.exe*32 is run under two different processes when IE browser is open)
2)Why there are mutiples of iexplore.exe even when IE browser is closed?


New Member
So how about the iexplore.exe running without IE browser? is it as you explained in your previous
post that about multi tabs, it should be running even when IE browser is CLOSED?

C:\Program Files (x86)\iexplore.exe*32 is legitimate file.
It's part of the tab crash/isolation process. Tabs run in separate instances. Nothing to worry about.

Logs doesn't show active infection.


New Member
Nope not a virus according to VirusTotal.
Thank you Argus once again sorry for being a pesky paranoid client.
Not open for further replies.