appologies guys if this is in the wrong section.
i have been searching the net to get rid of iexplore,it has hijacked my browser.
i have tried various removal suggestion through the registry but it just won't go away.

o/s win xp home serv pk 2 :bang head

i have rid of it befor but this time it ain't going away :mad:
help help help.....where has this come from again...running fire wall x2,norton sys works,spybot,router with fire wall,crikey much more security i will have to get more ram just to boot.... lol

come on someone give it your best shot.....no christmas card for mr gates this christmas :santa:

tanx :cool:

**Edit - That could come off as a personal attack. You should know that by now. Please be a little more understanding next time -- Oni :sn:**

But, try search for a utility called hijackit, it can save you from moster explorer problems when hijacked by certain spyware, adware etc.

Come again?

Flix

**Edit - Personal attack**

What browser are you using...

Iexplore.exe is the executable for Internet Explorer, and is not a spyware component per-say, though some people may think differently. ;) Press windows+r and type iexplore.exe www.ocforums.com and hit enter - it will take you to the forums.

Perhaps you mean you are infected with Isearch, dunno. If you really think you are infected with Iexplore, and you have experience with what spyware component it is - then link us to some documentation on it please.

More likely, you have a LOP (http://www.spy-bot.net/lop.asp) infection... Which disguises its processes as IEXPLORE.exe I believe. So you do not have an IEXPLORE infection exactly, but that may be the way you are recognizing it.

You need to run a scan that recognizes what your infection is, so that we can help you clean it. Follow the malware warfare guide in my sig, then report back when you get to the part about "HiJackThis" and you have a logfile for us to look at. If you don't want to follow that guide, just boot into safe mode and run fully updated scans with adaware, spybot, and then save a logfile with hijackthis right before you finish and report back.

The right section for these sorts of problems is Internet, Networking, and Security - it sounds like you atleast think you have a security problem.

first I would start wit using bazooka spyware blaster (http://www.kephyr.com/spywarescanner/). It has shown me that it finds the more obscure problems in many of the PCs that I have cleaned recently. It does require a bit more of familiarity than Adaware or Spybot(which on the whole are way better programs, but this is great for oddballs) but it will give you comprehensive instructions to remove. I have come accross this one myself and it was a little more troublesome than others but it is able to be removed.

thanx for the quick input guys....another prob if i try the links you have posted i can not connect.
iexplore has appeared befor in add & remove programs and i have removed that way,not there this time (this new version appeared 2 days ago)
also in programs\internet explorer\ the blue e is named iexplore,i can still launch on to google ect but in processes i have explorer running and iexplore which is using 10573 kb,if i end the process explorer shuts down.
it's bugging me,as i have my system (xp i.e 60) tweaked to run at 112mb of memory use.
i have been in the registry and removed it in safe mode with system restore turned of.
but still it comes back.
what is this program doing..sorry to be picky but i was haked two weeks ago from listening to media player radio,also loaded service pack 2 last week,to which i have now taken off and reloaded i.e 6.

thanx for the quick input guys....another prob if i try the links you have posted i can not connect.
iexplore has appeared befor in add & remove programs and i have removed that way,not there this time (this new version appeared 2 days ago)
also in programs\internet explorer\ the blue e is named iexplore,i can still launch on to google ect but in processes i have explorer running and iexplore which is using 10573 kb,if i end the process explorer shuts down.
it's bugging me,as i have my system (xp i.e 60) tweaked to run at 112mb of memory use.
i have been in the registry and removed it in safe mode with system restore turned of.
but still it comes back.
what is this program doing..sorry to be picky but i was haked two weeks ago from listening to media player radio,also loaded service pack 2 last week,to which i have now taken off and reloaded i.e 6.

WTF?

As was asked before... which browser are you using????

Do you WANT to use IE? (Internet Exporer) (iexplore.exe)
Or are you using something else?

It sounds like you are confused. iexplore.exe is INTERNET EXPLORER - A BROWSER, explorer.exe is the Windows Shell (EXPLORER), it lets you look at files on your computer.

You should NOT be trying to delete or uninstall iexplore.exe..... If you want to use another browser, do it and set it to your default browser.

and what do you mean you were "haked two weeks ago from listening to media player radio" ....?

**Edit - Personal attack**

thanx for the quick input guys....another prob if i try the links you have posted i can not connect.
iexplore has appeared befor in add & remove programs and i have removed that way,not there this time (this new version appeared 2 days ago)
also in programs\internet explorer\ the blue e is named iexplore,i can still launch on to google ect but in processes i have explorer running and iexplore which is using 10573 kb,if i end the process explorer shuts down.
it's bugging me,as i have my system (xp i.e 60) tweaked to run at 112mb of memory use.
i have been in the registry and removed it in safe mode with system restore turned of.
but still it comes back.
what is this program doing..sorry to be picky but i was haked two weeks ago from listening to media player radio,also loaded service pack 2 last week,to which i have now taken off and reloaded i.e 6.

Okay, before anyone else is confused here, lets make something clear:

You have no idea what you are talking about, and people will likely become frustrated.

________________________________________-

Iexplore.exe is a built-in, integrated component of every Windows installation.

Explorer shuts down when you end the Iexlpore process because that IS Internet Explorer.

As far as memory usage, you cannot "tweak" to use an exact amount of memory. There are programs which will free memory when you reach certain trigger points, but they do not help performance.

If you want any help, with whatever you think is wrong, you will have to follow my guide, and post a hijackthis log... Otherwise, if you keep going on about whatever it is your going on about, no one is going to get anywhere with this thread. Work with us here, please.

Answer these questions:

1) Do you want to use Internet Explorer?

2) Is your homepage being hijacked?

3) Have you completed my Malware Warfare guide?

Thank you.

ok,anger seems to showing across 5000 miles of water.....
all i asked is a basic question to try and find out what iexplore is.
it was not on my pc two nights ago,it is not there when i build systems.
i put this word into google (someone please try that one ) i read in google that this exe can cause internet probs,ie: broswer taken over,trojans ect.
so i am worried,as said i was hacked or somthing took out my whole system when on mediaplayer listening to radio,i no how to reactivate my copy of xp using the wpl file backup way,this file had gone and i had icons i have never seen befor+very few programs and games would work.

the answer to 1 yes
2 this is what i amtrying to find out !
3 for some reason i can not linbk of this

so please except my appologies for trying to get help from people with who i thought might be of some help instead of taking the p***,

**Edit - Personal attack**

just some freindly advice thats all.....thanx for your break down I.M.O.G.

one last word search google you will find warnings on this exe,and yes you can get hacked by media player,check microsoft updsate sight for past updates :-(

just a quick link for some feed back....

http://www.computing.net/windowsxp/wwwboard/forum/114446.html

maybe you are spelling it wrong (not at all a crazy concept since your typing seems a bit erratic)

All the web pages I get say iexplore.exe is Internet Explorer, there are trojans that name themselves similar things to that so it doesn't look out of the ordinaroy, like lexplore.exe (lowercase L).

Well, if you dont want IExplore.exe to show up, download Mozilla firefox and never open internet explorer again. Firefox is a much better browser anyway, and I think something like 70% of the people on this forum use it.

IE is a large source if spyware, maybe this is what you mean. Using internet explorer I would get ~25 spyware thingys a day, where as with firefox I get 1 or 2 a month. I suggest getting spybot S&D and spyware blaster, they are all I need.

ok,anger seems to showing across 5000 miles of water.....
all i asked is a basic question to try and find out what iexplore is.
it was not on my pc two nights ago,it is not there when i build systems.
i put this word into google (someone please try that one ) i read in google that this exe can cause internet probs,ie: broswer taken over,trojans ect.
so i am worried,as said i was hacked or somthing took out my whole system when on mediaplayer listening to radio,i no how to reactivate my copy of xp using the wpl file backup way,this file had gone and i had icons i have never seen befor+very few programs and games would work.

the answer to 1 yes
2 this is what i amtrying to find out !
3 for some reason i can not linbk of this

so please except my appologies for trying to get help from people with who i thought might be of some help instead of taking the p***,

quote: but what you write is plain gibberish

i have had a lot of help in the past but as a grown man i feel im in a play ground....

just some freindly advice thats all.....thanx for your break down I.M.O.G.

one last word search google you will find warnings on this exe,and yes you can get hacked by media player,check microsoft updsate sight for past updates :-(

About question 2... If your homepage is being hijacked, you would know it.
If your homepage is hijacked, when you open up internet explorer, it would go to some search page or similar site instead of a microsoft site.

This is why I say you are confused here. Iexplore was on your PC... That blue E titled Iexplore.exe, is Internet Explorer and without exception it is on every microsoft product you have ever used since windows 95. It is not an infection.

I already tried iexplore and related terms in google, that was my first step, so that I could see if there were any spyware components that went by this name also.

Whatever you read, was not talking about iexplore, but it may have been talking about something that infected or hooked into iexplore.

Go download adaware, spybot, and HiJackThis from www.majorgeeks.com... You will find them in the spyware tools section. Run the first two, then run HJT last, and give us a copy of your HJT results.

Finally, try not to level insults at any one here - your grammar and sentence structure is very difficult to understand, and the content you are discussing is something you don't understand, so it is UNDERSTANDABLY hard for us to interpret. I recommend you type in microsoft word then copy and paste that text here - this will help you with the spelling and punctuation, ultimately helping you come across as yourself. The people here know a lot about this sort of stuff, and we can fix your problem... if there even is one, besides the fact that you have a microsoft product installed.

EDIT: About that computing.net thread... A LOT of people there have no idea what they are talking about - there were two posts in that thread that might have been accurate, but the last post was definetly BOGUS.

I.M.O.G,
i have managed to get to the link,i am going to run all the test mentioned and will post.
thanx.
as for my typing as someone mentioned it my be the fact that i have a sight problem from birth.... **Edit - Personal attack**

Great, that should make sure there isn't a problem. Make sure you let us know the results.

As for the sight problem, using microsoft word as a spell checker should help with that, and there is also a magnifying utility built into windows for you to use.

hope this helps.....
then you can all shoot me.
thanx in advance for all your help


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\AMDCLO~1\LOCALS~1\Temp\Rar$EX00.157\Hi jackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: C:\WINDOWS\lbbho.dll - {90A58754-7186-463C-BF7F-0F3903151656} - C:\WINDOWS\lbbho.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://210.80.76.119/object/Dldrv.ocx

You have a RelatedLinks infection which is explained in the following link, along with removal instructions:

http://www.kephyr.com/spywarescanner/library/relatedlinks.lbbho/index.phtml

The instructions are pretty specific so they should help you, be sure to ask if there is anything you do not understand.

Also, with HiJackThis, fix these entries:

O2 - BHO: C:\WINDOWS\lbbho.dll - {90A58754-7186-463C-BF7F-0F3903151656} - C:\WINDOWS\lbbho.dll
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://210.80.76.119/object/Dldrv.ocx

Once you do this, you should be completely clean.

Rest assured that Iexplore.exe is not an infection of any sort, and is a normal component of windows. If you did not recognize it there before, trust that it was, and it is okay to keep there. :)

what can i say...excellent skills and advice thank you for your time I.M.O.G.

now you can shoot me:-)

**Edit - Personal attack**

**Edit - Personal attack**

**Edit - Personal attack**

I have had to edit no less than EIGHT posts in this thread due to personal attacks! My God! That's outlandish!

If I EVER see ANY of you degrade to such talk again, anywhere on the forum, you can damn-well bet that I'm going to hand out some 3-day vacation slips. I have NEVER had to do this, EVER! :mad:

To everybody who had a post edited, consider this your one and only warning. Do NOT let me see such behavior again! This is not preschool, and I would expect better from all parties involved.

The only reason this thread is still alive, is a) the original poster pro'lly still needs help from people patient enough to help, and b) 'cause I don't want to have to write out that many reprimands.

Do NOT let me see this kind of behavior again!

-- Oni :mad: