Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


kaspersky 'invader' issue

Posted on 2011-04-28
Medium Priority
Last Modified: 2013-11-22
hi all

My client is using kaspersky (v6? for workstations)

every time he opens ie8 he gets a message telling him the application is showing signs of being a virus of type 'invader' skip, deny or terminate...

started happening this morning..

we have run a kaspersky scan, it picked up a couple of things,... then a malware bytes scan picked up some more, then a 'superantispyware' scan picked up a couple more again....

but still the same message appears...

here is some more detailed description:

Process C:\windows\system32\svchost.exe (PID: 1944) is attempting to invave process C:\program files\internet explorer\iexplre.exe (PID: 6056).  This behaviour is typical of some malware.

Any ideas what to do next?

Question by:cycledude
LVL 38

Accepted Solution

younghv earned 2000 total points
ID: 35484146
I always start with a "rogue process" stopper before doing scans - and I always do the scans in "Normal Mode" (not "Safe Mode").

These EE Articles will give you more details:
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)
LVL 47

Expert Comment

ID: 35484256
iexplre.exe <<-- is that a typo of iexplore.exe?

Can we also look at the Kaspersky log that the scan generated?
All the generated logs from Mbam, SAS and Kaspersky if possible.

Author Comment

ID: 35484858
Hi thanks for the tips....

yes, iexplre.exe was a typo on my part! lol

it's now a long bank holiday weekend, so it will be thursday before I can come back with any info...

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most PC repair technicians (if not all) always start their cleanup process by emptying the temp folders before running any removal tools. It makes sense because temp folders are common places for malware installers to lurk and removing all the junk …
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question