As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options
iexplore.exe running at start-up, won't stop
Mugenmidget
Registered User regular
Registered User regular
I can't kill "iexplore.exe", which is supposedly the real process but it won't end without restarting itself. And if I open a REAL version of Internet Explorer, another process is opened...
I can't find an alternate "iexplore.exe" any where. From a Google search I can see lots of people have similar problems to mine, but the ones that are the closest (and most recent) have no solution.
What's the deal here? Is there a better way to get a look at how processes are spawning? I'm trying just HijackThis at the moment and some registry digging, but nothing helpful has shown up...
I can't find an alternate "iexplore.exe" any where. From a Google search I can see lots of people have similar problems to mine, but the ones that are the closest (and most recent) have no solution.
What's the deal here? Is there a better way to get a look at how processes are spawning? I'm trying just HijackThis at the moment and some registry digging, but nothing helpful has shown up...
Mugenmidget on
0
Posts
http://technet.microsoft.com/en-us/sysinternals/bb896683.aspx
In Task Manager, go to View > Select Columns... and add PID. Find the PID of iexplore.exe and type pskill 1234 (where 1234 is the PID number) in a command prompt.
You'll probably need to navigate to wherever you extract pskill at from the command prompt. Say for example you extract it to c:\pskill\
Open a command prompt (start > run > cmd) and type cd c:\pskill and press enter. Then type pskill 1234
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
iexplore is internet explorer
explorer is windows explorer (including the start menu/taskbar/desktop)
However they are both tightly integrated, but killing one won't (or shouldn't) kill the other.
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
I highly recommend you download hijackthis and post the log here. (ideally as a link to the text file rather than posting the output)
Reading that I should be able to tell you what to delete from where.
---
I've got a spare copy of Portal, if anyone wants it message me.
Scan saved at 11:08:45 AM, on 9/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\RUNDLL32.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
C:\Microsoft Image Composer\IMGCOMP.EXE
C:\program files\FileZilla Client\filezilla.exe
F:\WINDOWS\system32\taskmgr.exe
F:\WINDOWS\system32\wuauclt.exe
c:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: ActiveGS.cab - http://www.virtualapple.org/gs.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1218256145917
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
I don't like the sound of "MSIE: Unable to get Internet Explorer version!"...
You *have* run a full virus and spyware scan, yes?
If possible as a linked text file, for example: like this.
---
I've got a spare copy of Portal, if anyone wants it message me.
http://underground.bananachan.net/hijackthis.log
I re-installed IE7, so the version number is showing up at least.
I only ran a scan with Avast, unfortunately. Anything better that's free?
Unfortunately, pskill in this instance functions the same as just ending the process. It'll end, but eventually it runs itself again...
Try this to track down what is running at start up: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
As for scanning, get some anti-spyware! Spybot S&D, Lavasoft Ad-Aware, Malwarebytes whateveritis. Also try free online scanners like http://www.pandasecurity.com/.
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
It was bizarre, but after I found it in the registry and got rid of it, the iexplore.exe process has failed to show up. And from my tests I've even fixed the issues I outlined in this thread:
http://forums.penny-arcade.com/showthread.php?t=70527
It sounds like I was hijacked by something bizarre, anyone know what's up?