Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1]   Go Down

Author Topic: several iexplorer.exe running in the background  (Read 6115 times)

0 Members and 1 Guest are viewing this topic.

Zebob

  • Guest
several iexplorer.exe running in the background
« on: September 04, 2005, 07:25:52 AM »
Hey, ive got a problem here. Several iexplorer.exe is running the background and starting up automaticly and i havnt got a clue why.
Ive ran AVG, housecall, spybot and ad-aware and removed all viruses and spywares on the comp. Ive actually been so thorough to run em all twice or even three times. And now im pretty confident im out of viruses. Yet the iexplorer.exe problem remains. Its really hard on my memory and having about 10instances of explore.exe runing at all times makes my comp really slow.
Ill post my hijack log too if anyone can find anything in it that looks sus. Besides that im all out of clues what to do  ???
Logged

Zebob

  • Guest
Re: several iexplorer.exe running in the backgroun
« Reply #1 on: September 04, 2005, 07:27:03 AM »
Logfile of HijackThis v1.99.1
Scan saved at 15:27:08, on 2005-09-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\winldra.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\mIRC\mirc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Documents and Settings\Adam.UMPA\Desktop\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vmcleaner] gxlib.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: PokerNow - {2DB0FBAF-5223-4c96-8C25-F60D5E437D34} - C:\Program Files\PokerNow\PokerNow.exe
O9 - Extra 'Tools' menuitem: PokerNow - {2DB0FBAF-5223-4c96-8C25-F60D5E437D34} - C:\Program Files\PokerNow\PokerNow.exe
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
O9 - Extra button: Intertops Poker - {5706EACE-252A-4af9-AA8D-1F8813B50469} - C:\Program Files\Intertops Poker\IntertopsPoker.exe
O9 - Extra 'Tools' menuitem: Intertops Poker - {5706EACE-252A-4af9-AA8D-1F8813B50469} - C:\Program Files\Intertops Poker\IntertopsPoker.exe
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
Logged

Fed

  • Moderator


    • Sage
    • Thanked: 35
    • Experience: Experienced
    • OS: Windows XP
    Re: several iexplorer.exe running in the backgroun
    « Reply #2 on: September 04, 2005, 11:27:41 PM »
    winldra.exe
    http://www.bleepingcomputer.com/startups/winldra.exe-7777.html
    Do me a favour?
    See if either of these show it as a virus.
    Free online virus scan
    http://www.pandasoftware.com/activescan/
    Free online spyware scan
    http://www.pandasoftware.com/products/spyxposer/com/spyxposer_principal.htm
    Then get rid of it quick smart.
    Logged

    Fed

    • Moderator


      • Sage
      • Thanked: 35
      • Experience: Experienced
      • OS: Windows XP
      Re: several iexplorer.exe running in the backgroun
      « Reply #3 on: September 04, 2005, 11:41:29 PM »
      gxlib.exe
      http://www.sophos.com/virusinfo/analyses/trojsmallhs.html
      Did you get your logfile analysed at the Hijackthis site?
      Logged
      Pages: [1]   Go Up
      « previous next »