Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#6820 - 08/11/05 06:21 AM Iexplorer.exe  
Joined: May 2005
Posts: 15
Geek142 Offline
Junior Member
Geek142  Offline
Junior Member

Joined: May 2005
Posts: 15
Geraldton, western australia
Hey Guys

Lately when i have been playing counterstrike i have been Opening the task manager and checking for porgrams i could close to stop little bits of lag and free up some of my ram. I see 2 process's called "iexplorer.exe" know i know that its internet explorer but the thing is i dont have it running. It is normally taking up 20,000 k As soon as i boot up its there. I have tried a adware scan aswell as a virus scan but still there. So i thought i would ask you guys before i go and get it reformatted. One thing to add is that i have tried to end the process but it just reappears.

Cheers

Geek


"Even the wisest of men still have something to learn"
Sponsored Links
#6821 - 08/11/05 07:02 AM Re: Iexplorer.exe  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
You ALWAYS have internet explorer running, it's integrated into windows now; it IS your file browser and it supposidly makes shit run easier... Close it, you'll crash and at times will blue screen... If you reformat it'll still run as it does now as it's integrated...

Want to do away with it? supposidly you can buy a special version of window$ without it due to the UK causing M$ to rethink practices; that's about all you'll be able to do unless you revert to Windows 98.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#6822 - 08/11/05 09:51 AM Re: Iexplorer.exe  
Joined: Dec 2002
Posts: 3,255
§intå× Offline
§intå×  Offline


Joined: Dec 2002
Posts: 3,255
Likes: 1
Maryland
I have killed the iexplorer process before, but you allways have explorer. Same thing really. 20,000 is a bit high I average 15,000 to 10,000 for iexplorer. Here is an idea however.


Go to http://www.linuxiso.org/ download mandrake, redhat, slackware, what ever really and then go get wine http://www.winehq.com/, now you can kill tons of shit and have a much better faster system.

To fix the bugs in windows you have to get a real operating system. Windows has this virus, it takes up all of your RAM, it fills the hard drive with un needed stuff, it even updates its self, and once on your hard drive it takes over everything to a point where it can not work without it. Ummm hold up, never mind, that is windows its self.

#6823 - 08/11/05 10:30 AM Re: Iexplorer.exe  
Joined: Sep 2002
Posts: 553
Digital Geek Offline
UGN Super Poster
Digital Geek  Offline
UGN Super Poster

Joined: Sep 2002
Posts: 553
Cluj-Napoca, Romania
On my box (running Windows XP Professional), I never had a process called "iexplorer.exe" running all the time.

As far as I know when you start the browser, for each session a process called "IEXPLORE.EXE" starts (not "iexplorer.exe").

And the process that usually runs all the time is "explorer.exe" which is the default shell for Windows XP. Also you can kill it if you want too, without crashing the system (the desktop will dissapear but all the processes will keep on running), and you can start it again if you want to (from the task manager -> new task -> explorer.exe).

It can also be replaced all together with a different shell. I use BlackBox for Windows (http://bb4win.org).

As far as the process "iexplorer.exe" goes, in my opinion your computer is infected with a virus. There are many viruses/trojans that start this process. For a list visit this link and after you find out with what you're infected head over to Symantec and download the removal tool for the virus in case.

#6824 - 08/11/05 11:28 PM Re: Iexplorer.exe  
Joined: Mar 2002
Posts: 815
sinetific Offline
nobody
sinetific  Offline
nobody

Joined: Mar 2002
Posts: 815
Ann Arbor
Damn DG, you took the words right out of my mouth.

Sponsored Links
#6825 - 08/12/05 08:17 AM Re: Iexplorer.exe  
Joined: Jun 2005
Posts: 24
AMD/GeForce Offline
Junior Member
AMD/GeForce  Offline
Junior Member

Joined: Jun 2005
Posts: 24
Florida
No its not a virus its there the very second you boot windows for the first time. As far as i know gizmo is correct.

#6826 - 08/12/05 06:38 PM Re: Iexplorer.exe  
Joined: Sep 2002
Posts: 553
Digital Geek Offline
UGN Super Poster
Digital Geek  Offline
UGN Super Poster

Joined: Sep 2002
Posts: 553
Cluj-Napoca, Romania
There is no Windows legit process called "iexplorer.exe" that runs at startup. Search for "iexplorer.exe process" on Google and you'll see for yourself.

If you have it you're computer is probably infected with something (spyware/virus/trojan).

#6827 - 08/13/05 01:41 PM Re: Iexplorer.exe  
Joined: May 2005
Posts: 15
Geek142 Offline
Junior Member
Geek142  Offline
Junior Member

Joined: May 2005
Posts: 15
Geraldton, western australia
Would it clear things up if i took a screen shot so you could see exactly what is happening. And gizmo. I have never seen this process running before except for when i actually had Internet explorer open.


"Even the wisest of men still have something to learn"
#6828 - 08/13/05 01:44 PM Re: Iexplorer.exe  
Joined: May 2005
Posts: 15
Geek142 Offline
Junior Member
Geek142  Offline
Junior Member

Joined: May 2005
Posts: 15
Geraldton, western australia
Process File: iexplorer or iexplorer.exe
Process Name: RapidBlaster parasite

Description:
iexplorer.exe is the executable for a virus that is a variant of the RapidBlaster parasite that downloads and displays advertising from an Internet location. This process should be removed to ensure your personal privacy.



"Even the wisest of men still have something to learn"
#6829 - 08/13/05 03:53 PM Re: Iexplorer.exe  
Joined: Dec 2002
Posts: 3,255
§intå× Offline
§intå×  Offline


Joined: Dec 2002
Posts: 3,255
Likes: 1
Maryland
http://www.download.com/Ad-Aware-SE-Personal-Edit...ad-aware&subj=dl&tag=top5
http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10401314.html?tag=lst- 0-1
http://www.download.com/HijackThis/3000-8022_4-10379544.html?tag=lst-0-1


Download and install the first 2 links above. Run the updates then scan and remove any bad programs it lists.

Next download the third link, "scan only" your PC and export the log file. Copy and paste the results in here and I will take a look. Chances are you have more than this bad program. All you have is ad ware. It isn't a virus. It is just crapy money making scam ware. Just be glad your not infected with supersearch aka cool web search. that nasty piece of poop... anyway. adaware and spybot should kill most if not all bad progys you got.

They are both free too. as is hijack this. Oh might want to just in case down load and run CWS shredder. it will look for and remove most versions of CWS cool web search

Sponsored Links
#6830 - 08/16/05 06:15 AM Re: Iexplorer.exe  
Joined: May 2005
Posts: 15
Geek142 Offline
Junior Member
Geek142  Offline
Junior Member

Joined: May 2005
Posts: 15
Geraldton, western australia
Well I just ran a scan of adaware before i came to the site. Didnt pick it up. I have also kept adaware updated. I stay away from spybot. It caused my computer to need a reformatt because it deleted.... Um i forgot, something about it deleted the .exe extenion file type in folder options. Couldnt open any thing.

But ill have another go.


"Even the wisest of men still have something to learn"
#6831 - 08/16/05 06:16 AM Re: Iexplorer.exe  
Joined: May 2005
Posts: 15
Geek142 Offline
Junior Member
Geek142  Offline
Junior Member

Joined: May 2005
Posts: 15
Geraldton, western australia
Logfile of HijackThis v1.99.1
Scan saved at 7:25:46 AM, on 16/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\SLEE401.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\RAM Idle\RAM_XP.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\WindowsXP\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lockpicking101.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.141.76.229:8080
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {37DFCAD2-F49A-9F87-BDD2-5DD48E805C68} - C:\DOCUME~1\WINDOW~1\APPLIC~1\SOFTWA~1\1long.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle\RAM_XP.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [Dumb File Locks Beep] C:\Documents and Settings\All Users\Application Data\Flaw Knob Dumb File\Joy Blah.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [SP2ConnPatcher] "C:\Program Files\SP2 Connection Patcher\sp2connpatcher.exe" -n=200
O4 - HKCU\..\Run: [This manager] C:\DOCUME~1\WINDOW~1\APPLIC~1\FORTRA~1\ownsmpegpoke.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KXHCM10 Control) - http://rick.viewnetcam.com/kxhcm10.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/...eb_site.cab?11 05004638572
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Steganos Live Encryption Engine (Version 401) [Service] (SLEE_401_SERVICE) - Unknown owner - C:\WINDOWS\system32\SLEE401.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe (file missing)


"Even the wisest of men still have something to learn"
#6832 - 08/16/05 07:11 AM Re: Iexplorer.exe  
Joined: Jan 2005
Posts: 589
EndGame Offline
UGN Custodian
EndGame  Offline
UGN Custodian

Joined: Jan 2005
Posts: 589
brisbane (or any local pub)
to quote j:
'stop double posting'
(unless u have that wierd problem i have occasionally where the server locks me out of my post)

just click on the edit/delete icon (third one from you left) and post on ur original post about a minute before.


Harry Potter Thread
if ur bored on the boards, get posting THERE!
#6833 - 08/16/05 02:45 PM Re: Iexplorer.exe  
Joined: May 2005
Posts: 15
Geek142 Offline
Junior Member
Geek142  Offline
Junior Member

Joined: May 2005
Posts: 15
Geraldton, western australia
Who is double posting?


"Even the wisest of men still have something to learn"
#6834 - 08/16/05 02:52 PM Re: Iexplorer.exe  
Joined: Jan 2005
Posts: 589
EndGame Offline
UGN Custodian
EndGame  Offline
UGN Custodian

Joined: Jan 2005
Posts: 589
brisbane (or any local pub)
Geek142:

your first post: posted 15-08-2005 03:15 PM
your double post: posted 15-08-2005 03:16 PM

u can edit ur post within 30mins of it being posted. (usually)


Harry Potter Thread
if ur bored on the boards, get posting THERE!
#6835 - 08/17/05 06:59 AM Re: Iexplorer.exe  
Joined: May 2005
Posts: 15
Geek142 Offline
Junior Member
Geek142  Offline
Junior Member

Joined: May 2005
Posts: 15
Geraldton, western australia
Ok, I am confused. They are both 2 different posts. The one at 03:16 PM was the log file of "hijackthis".


Geek


"Even the wisest of men still have something to learn"

Member Spotlight
Gremelin
Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics47,469
Posts82,639
Average Daily Posts8
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 40,633
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)