explorer.exe using over 70,000k of memory..Virus?

Hey im wondering if someone can give some advice as I think I might have a virus. I read this on bull-guard forum (my antivirus software)

The explorer.exe is a process; however, it is also a Trojan. cexx.org has an excellent removal process at this link: Advertising Spyware: DLDER.EXE, Explorer.exe trojan (ClickTillUWin)

We've found multiple infections in a few machines over the years. It's known as the dlder.exe Trojan and it drops another "explorer.exe" file in a separate folder, normally in 'C:\Windows\explorer\Explorer.exe'.

Please note that you have a legitimate original "explorer.exe" in 'C:\Windows\explorer.exe'

It also drops a startup file in your registry so it will run silently at startup...normally in your Local Machine Registry: [HKLM\SOFTWARE\games\Clicktilluwin]. However; we have also found the Clicktilluwin entry in ‘HKCU’ over the past few months. That said, you should do a search find on your total registry for the phrase 'Clicktilluwin'. Go to the link above and follow cexx.org's manual removal, then search your regedit for the 'Clicktilluwin' reg-key and you should be fine.

Anytime that you have explorer.exe running over....say....25,000K to 30,000K in the task manager, it's usually indicative of infection.

Hope this helps.

Max








Please can anyone give me any info? I am currently using bullguard anti virus registered and MBAM Free version

It's relatively easy in this case. Open task manager> Right click on explorer.exe and choose properties> On the General tab, the Location should be C:\Windows (assuming C:\ is the drive where the OS is installed)



You can also click on the details tab which should identify it as a Microsoft product.



Mine is running at 51k to 52k, so take things you read with a grain of salt.



Usually there will be 2 explorer.exe's if there is an infected one, and the spelling will be slightly different, and it won't be located in the root of Windows. It may show up as being in C:\Windows\explorer\exporer.exe, for instance.

Resource usage will vary by machine. You can get more info using a program like Process Explorer, but it's hard to say exactly what is using resources. If you have windows customizations like shell32.dll enhancements, there will be increased usage.

When in doubt, scan with Malwarebytes, or other antivirus/antispyware applications.

A Guy

I havent got two explorer.exe and also scanned with malwarebytes and bull guard anti-virus and also superAntiSpyware and my pc came up clean. Don't know why it was using so much memory but thanks for the help.

You can also always upload any suspect file to Virus Total for inspection. A Guy

Doesn't seem unusual to me. For example, I opened Task Manager and explorer was just over 50k. I then opened Windows Explorer, bounced around some of my large drives, check some drive properties - every new action caused the task manager explorer memory to go up. In no time I was over 66K.

HOWEVER, when "left alone" for a while the explorer memory footprint does begin to drop.

Regards,
GEWB

logicearth said:

You cannot be serious....You seriously cannot be serious...my god I wish I had as much RAM as you...yet here you are complaining about 70 MBs of your RAM being used...You cannot be serious!

Click to expand...

Hahaha lol yes. Never seen it use that much memory before though lol my bad