UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
August
Su M Tu W Th F Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Sponsored Links
Latest Postings
Amazon Gift Card Generator/KeyGen?te
by Gecko666
08/22/14 09:21 AM
Latest Reviews
Page 1 of 2 1 2 >
Topic Options
Rate This Topic
#6820 - 08/10/05 11:21 PM Iexplorer.exe
Geek142 Offline
Junior Member

Registered: 05/07/05
Posts: 15
Loc: Geraldton, western australia
Hey Guys

Lately when i have been playing counterstrike i have been Opening the task manager and checking for porgrams i could close to stop little bits of lag and free up some of my ram. I see 2 process's called "iexplorer.exe" know i know that its internet explorer but the thing is i dont have it running. It is normally taking up 20,000 k As soon as i boot up its there. I have tried a adware scan aswell as a virus scan but still there. So i thought i would ask you guys before i go and get it reformatted. One thing to add is that i have tried to end the process but it just reappears.

Cheers

Geek
_________________________
"Even the wisest of men still have something to learn"

Top
Sponsored Links
      
#6821 - 08/11/05 12:02 AM Re: Iexplorer.exe
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
You ALWAYS have internet explorer running, it's integrated into windows now; it IS your file browser and it supposidly makes shit run easier... Close it, you'll crash and at times will blue screen... If you reformat it'll still run as it does now as it's integrated...

Want to do away with it? supposidly you can buy a special version of window$ without it due to the UK causing M$ to rethink practices; that's about all you'll be able to do unless you revert to Windows 98.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#6822 - 08/11/05 02:51 AM Re: Iexplorer.exe
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
I have killed the iexplorer process before, but you allways have explorer. Same thing really. 20,000 is a bit high I average 15,000 to 10,000 for iexplorer. Here is an idea however.


Go to http://www.linuxiso.org/ download mandrake, redhat, slackware, what ever really and then go get wine http://www.winehq.com/, now you can kill tons of shit and have a much better faster system.

To fix the bugs in windows you have to get a real operating system. Windows has this virus, it takes up all of your RAM, it fills the hard drive with un needed stuff, it even updates its self, and once on your hard drive it takes over everything to a point where it can not work without it. Ummm hold up, never mind, that is windows its self.
_________________________
My New site OpenEyes

Top
#6823 - 08/11/05 03:30 AM Re: Iexplorer.exe
Digital Geek Offline
UGN Super Poster

Registered: 09/18/02
Posts: 553
Loc: Cluj-Napoca, Romania
On my box (running Windows XP Professional), I never had a process called "iexplorer.exe" running all the time.

As far as I know when you start the browser, for each session a process called "IEXPLORE.EXE" starts (not "iexplorer.exe").

And the process that usually runs all the time is "explorer.exe" which is the default shell for Windows XP. Also you can kill it if you want too, without crashing the system (the desktop will dissapear but all the processes will keep on running), and you can start it again if you want to (from the task manager -> new task -> explorer.exe).

It can also be replaced all together with a different shell. I use BlackBox for Windows (http://bb4win.org).

As far as the process "iexplorer.exe" goes, in my opinion your computer is infected with a virus. There are many viruses/trojans that start this process. For a list visit this link and after you find out with what you're infected head over to Symantec and download the removal tool for the virus in case.

Top
#6824 - 08/11/05 04:28 PM Re: Iexplorer.exe
sinetific Offline
nobody

Registered: 03/02/02
Posts: 815
Loc: Ann Arbor
Damn DG, you took the words right out of my mouth.

Top
#6825 - 08/12/05 01:17 AM Re: Iexplorer.exe
AMD/GeForce Offline
Junior Member

Registered: 06/20/05
Posts: 24
Loc: Florida
No its not a virus its there the very second you boot windows for the first time. As far as i know gizmo is correct.

Top
#6826 - 08/12/05 11:38 AM Re: Iexplorer.exe
Digital Geek Offline
UGN Super Poster

Registered: 09/18/02
Posts: 553
Loc: Cluj-Napoca, Romania
There is no Windows legit process called "iexplorer.exe" that runs at startup. Search for "iexplorer.exe process" on Google and you'll see for yourself.

If you have it you're computer is probably infected with something (spyware/virus/trojan).

Top
#6827 - 08/13/05 06:41 AM Re: Iexplorer.exe
Geek142 Offline
Junior Member

Registered: 05/07/05
Posts: 15
Loc: Geraldton, western australia
Would it clear things up if i took a screen shot so you could see exactly what is happening. And gizmo. I have never seen this process running before except for when i actually had Internet explorer open.
_________________________
"Even the wisest of men still have something to learn"

Top
#6828 - 08/13/05 06:44 AM Re: Iexplorer.exe
Geek142 Offline
Junior Member

Registered: 05/07/05
Posts: 15
Loc: Geraldton, western australia
Process File: iexplorer or iexplorer.exe
Process Name: RapidBlaster parasite

Description:
iexplorer.exe is the executable for a virus that is a variant of the RapidBlaster parasite that downloads and displays advertising from an Internet location. This process should be removed to ensure your personal privacy.

_________________________
"Even the wisest of men still have something to learn"

Top
#6829 - 08/13/05 08:53 AM Re: Iexplorer.exe
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
http://www.download.com/Ad-Aware-SE-Personal-Edit...ad-aware&subj=dl&tag=top5
http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10401314.html?tag=lst- 0-1
http://www.download.com/HijackThis/3000-8022_4-10379544.html?tag=lst-0-1


Download and install the first 2 links above. Run the updates then scan and remove any bad programs it lists.

Next download the third link, "scan only" your PC and export the log file. Copy and paste the results in here and I will take a look. Chances are you have more than this bad program. All you have is ad ware. It isn't a virus. It is just crapy money making scam ware. Just be glad your not infected with supersearch aka cool web search. that nasty piece of poop... anyway. adaware and spybot should kill most if not all bad progys you got.

They are both free too. as is hijack this. Oh might want to just in case down load and run CWS shredder. it will look for and remove most versions of CWS cool web search
_________________________
My New site OpenEyes

Top
#6830 - 08/15/05 11:15 PM Re: Iexplorer.exe
Geek142 Offline
Junior Member

Registered: 05/07/05
Posts: 15
Loc: Geraldton, western australia
Well I just ran a scan of adaware before i came to the site. Didnt pick it up. I have also kept adaware updated. I stay away from spybot. It caused my computer to need a reformatt because it deleted.... Um i forgot, something about it deleted the .exe extenion file type in folder options. Couldnt open any thing.

But ill have another go.
_________________________
"Even the wisest of men still have something to learn"

Top
#6831 - 08/15/05 11:16 PM Re: Iexplorer.exe
Geek142 Offline
Junior Member

Registered: 05/07/05
Posts: 15
Loc: Geraldton, western australia
Logfile of HijackThis v1.99.1
Scan saved at 7:25:46 AM, on 16/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\SLEE401.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\RAM Idle\RAM_XP.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\WindowsXP\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lockpicking101.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.141.76.229:8080
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {37DFCAD2-F49A-9F87-BDD2-5DD48E805C68} - C:\DOCUME~1\WINDOW~1\APPLIC~1\SOFTWA~1\1long.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle\RAM_XP.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [Dumb File Locks Beep] C:\Documents and Settings\All Users\Application Data\Flaw Knob Dumb File\Joy Blah.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [SP2ConnPatcher] "C:\Program Files\SP2 Connection Patcher\sp2connpatcher.exe" -n=200
O4 - HKCU\..\Run: [This manager] C:\DOCUME~1\WINDOW~1\APPLIC~1\FORTRA~1\ownsmpegpoke.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KXHCM10 Control) - http://rick.viewnetcam.com/kxhcm10.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/...eb_site.cab?11 05004638572
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Steganos Live Encryption Engine (Version 401) [Service] (SLEE_401_SERVICE) - Unknown owner - C:\WINDOWS\system32\SLEE401.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe (file missing)
_________________________
"Even the wisest of men still have something to learn"

Top
#6832 - 08/16/05 12:11 AM Re: Iexplorer.exe
EndGame Offline
UGN Custodian

Registered: 01/23/05
Posts: 589
Loc: brisbane (or any local pub)
to quote j:
'stop double posting'
(unless u have that wierd problem i have occasionally where the server locks me out of my post)

just click on the edit/delete icon (third one from you left) and post on ur original post about a minute before.
_________________________
Harry Potter Thread
if ur bored on the boards, get posting THERE!

Top
#6833 - 08/16/05 07:45 AM Re: Iexplorer.exe
Geek142 Offline
Junior Member

Registered: 05/07/05
Posts: 15
Loc: Geraldton, western australia
Who is double posting?
_________________________
"Even the wisest of men still have something to learn"

Top
#6834 - 08/16/05 07:52 AM Re: Iexplorer.exe
EndGame Offline
UGN Custodian

Registered: 01/23/05
Posts: 589
Loc: brisbane (or any local pub)
Geek142:

your first post: posted 15-08-2005 03:15 PM
your double post: posted 15-08-2005 03:16 PM

u can edit ur post within 30mins of it being posted. (usually)
_________________________
Harry Potter Thread
if ur bored on the boards, get posting THERE!

Top
Page 1 of 2 1 2 >

Moderator:  Infinite 
Featured Member
Registered: 08/22/14
Posts: 1
Forum Stats
2148 Members
46 Forums
34005 Topics
69172 Posts

Max Online: 1567 @ 04/25/10 02:20 AM
Top Posters
UGN Security 27167
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Gecko666, defghi795767, Devo60, ali, lavos
2147 Registered Users
Who's Online
1 registered (Tim050), 298 Guests and 305 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!