I can't kill "iexplore.exe", which is supposedly the real process but it won't end without restarting itself. And if I open a REAL version of Internet Explorer, another process is opened...
I can't find an alternate "iexplore.exe" any where. From a Google search I can see lots of people have similar problems to mine, but the ones that are the closest (and most recent) have no solution.
What's the deal here? Is there a better way to get a look at how processes are spawning? I'm trying just HijackThis at the moment and some registry digging, but nothing helpful has shown up...
Mugenmidget on
0
Posts
Options
HenroidMexican kicked from Immigration ThreadCentrism is Racism :3Registered Userregular
In Task Manager, go to View > Select Columns... and add PID. Find the PID of iexplore.exe and type pskill 1234 (where 1234 is the PID number) in a command prompt.
You'll probably need to navigate to wherever you extract pskill at from the command prompt. Say for example you extract it to c:\pskill\
Open a command prompt (start > run > cmd) and type cd c:\pskill and press enter. Then type pskill 1234
Isn't ieexporer just a fancy name for Windows in Windows XP? It's like the file manager or something one of the reasons XP had so much problems and that Internet Explorer got so much flack is because it was so intertwined in the operating system.
Dritz on
There I was, 3DS: 2621-2671-9899 (Ekera), Wii U: LostCrescendo
Isn't ieexporer just a fancy name for Windows in Windows XP? It's like the file manager or something one of the reasons XP had so much problems and that Internet Explorer got so much flack is because it was so intertwined in the operating system.
iexplore is internet explorer
explorer is windows explorer (including the start menu/taskbar/desktop)
However they are both tightly integrated, but killing one won't (or shouldn't) kill the other.
Logfile of HijackThis v1.99.1
Scan saved at 11:08:45 AM, on 9/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
As for scanning, get some anti-spyware! Spybot S&D, Lavasoft Ad-Aware, Malwarebytes whateveritis. Also try free online scanners like http://www.pandasecurity.com/.
At start-up I was getting a window about user initialization, referencing the line "F:\Windows\system32:winsock.exe".
It was bizarre, but after I found it in the registry and got rid of it, the iexplore.exe process has failed to show up. And from my tests I've even fixed the issues I outlined in this thread:
Posts
http://technet.microsoft.com/en-us/sysinternals/bb896683.aspx
In Task Manager, go to View > Select Columns... and add PID. Find the PID of iexplore.exe and type pskill 1234 (where 1234 is the PID number) in a command prompt.
You'll probably need to navigate to wherever you extract pskill at from the command prompt. Say for example you extract it to c:\pskill\
Open a command prompt (start > run > cmd) and type cd c:\pskill and press enter. Then type pskill 1234
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
iexplore is internet explorer
explorer is windows explorer (including the start menu/taskbar/desktop)
However they are both tightly integrated, but killing one won't (or shouldn't) kill the other.
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
I highly recommend you download hijackthis and post the log here. (ideally as a link to the text file rather than posting the output)
Reading that I should be able to tell you what to delete from where.
---
I've got a spare copy of Portal, if anyone wants it message me.
Scan saved at 11:08:45 AM, on 9/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\RUNDLL32.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
C:\Microsoft Image Composer\IMGCOMP.EXE
C:\program files\FileZilla Client\filezilla.exe
F:\WINDOWS\system32\taskmgr.exe
F:\WINDOWS\system32\wuauclt.exe
c:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: ActiveGS.cab - http://www.virtualapple.org/gs.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1218256145917
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
I don't like the sound of "MSIE: Unable to get Internet Explorer version!"...
You *have* run a full virus and spyware scan, yes?
If possible as a linked text file, for example: like this.
---
I've got a spare copy of Portal, if anyone wants it message me.
http://underground.bananachan.net/hijackthis.log
I re-installed IE7, so the version number is showing up at least.
I only ran a scan with Avast, unfortunately. Anything better that's free?
Unfortunately, pskill in this instance functions the same as just ending the process. It'll end, but eventually it runs itself again...
Try this to track down what is running at start up: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
As for scanning, get some anti-spyware! Spybot S&D, Lavasoft Ad-Aware, Malwarebytes whateveritis. Also try free online scanners like http://www.pandasecurity.com/.
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
It was bizarre, but after I found it in the registry and got rid of it, the iexplore.exe process has failed to show up. And from my tests I've even fixed the issues I outlined in this thread:
http://forums.penny-arcade.com/showthread.php?t=70527
It sounds like I was hijacked by something bizarre, anyone know what's up?