When I first boot up and bring up IE6 it takes a long time, and uses 100% CPU for a minute or two. Also, it often appears in my task manager even after it is closed and seems to be a resource hog (other programs lock up as a result). When running, my DSL connection seems to have slowed. Finally, every now and again my mouse seems to drag for a moment on its own. These seem to be telltale signs of spyware, backdoor etc. I have had problems before with this.
I have Norton Antivirus and Norton Internet Security both running. Also, I have Ad-Aware and Spybot both up to date and have scanned in the last 24 hours. I downloaded HijackThis and to my untrained eye nothing in the log file looks suspect. The five hosts in O1 (128.*.*.*) are all work related (I work remotely). Below are the outputs from HijackThis and TCPView. Any ideas?
Logfile of HijackThis v1.96.4
Scan saved at 7:27:51 AM, on 9/5/2003
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\WINNT\System32\3Com_DMI\3CDMINIC.exe
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\system32\srvany.exe
C:\winnt\system32\Shared\dllhost.exe
C:\WINNT\System32\NALNTSRV.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\srvany.exe
C:\WINNT\System32\wm.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINNT\system32\NWTRAY.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Documents and Settings\jerromy\Start Menu\Programs\Startup\vptray.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\totalcmd\TOTALCMD.exe
C:\Documents and Settings\jerromy\My Documents\Programs\Virus-Spyware Tools\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redi...=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://smbusiness.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redi...=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redi...er=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redi...=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
O1 - Hosts: 128.3.0.100 compsvr_tree
O1 - Hosts: 128.1.0.100 compsvr_s
O1 - Hosts: 128.3.0.100 compsvr_x
O1 - Hosts: 128.1.1.230 intrepid
O1 - Hosts: 128.1.1.200 hemi
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\CwbSvStr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - Startup: vptray.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://activex.microsoft.com/active...media/Swdir.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.c...7832.5952199074
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/...ash/swflash.cab
TCPView:
System:8 TCP JCARLSON:microsoft-ds JCARLSON:0 LISTENING
System:8 TCP JCARLSON:1029 JCARLSON:0 LISTENING
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:netbios-ssn JCARLSON:0 LISTENING
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:427 JCARLSON:0 LISTENING
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3746 24.137.12.200:http TIME_WAIT
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3767 24.137.12.200:http TIME_WAIT
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3770 24.137.12.200:http TIME_WAIT
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3786 24.137.12.200:http TIME_WAIT
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3787 24.137.12.200:http TIME_WAIT
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3794 24.137.12.200:http TIME_WAIT
System:8 TCP JCARLSON:3700 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3704 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3706 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3707 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3711 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3719 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3722 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3724 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3725 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3726 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3730 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3731 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3734 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3736 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3737 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3740 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3741 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3744 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3745 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3748 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3749 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3752 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3753 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3758 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3760 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3762 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3763 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3764 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3768 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3769 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3772 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3773 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3777 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3780 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3781 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3784 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3785 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3788 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3789 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3792 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3793 localhost:1025 TIME_WAIT
System:8 TCP JCARLSON:3796 localhost:1025 TIME_WAIT
System:8 UDP JCARLSON:microsoft-ds *:*
System:8 UDP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:netbios-ns *:*
System:8 UDP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:netbios-dgm *:*
System:8 UDP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:427 *:*
System:8 UDP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:1027 *:*
System:8 TCP JCARLSON:3808 JCARLSON:0 LISTENING
System:8 TCP JCARLSON:3809 JCARLSON:0 LISTENING
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3808 compsvr_s:524 SYN_SENT
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3809 compsvr_s:524 SYN_SENT
System:8 TCP JCARLSON:3810 JCARLSON:0 LISTENING
System:8 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3810 compsvr_s:524 SYN_SENT
SVCHOST.EXE:456 UDP JCARLSON:3001 *:*
SVCHOST.EXE:420 TCP JCARLSON:epmap JCARLSON:0 LISTENING
SVCHOST.EXE:1108 TCP JCARLSON:3068 JCARLSON:0 LISTENING
SVCHOST.EXE:1108 TCP JCARLSON:3072 JCARLSON:0 LISTENING
SVCHOST.EXE:1108 TCP JCARLSON:3091 JCARLSON:0 LISTENING
SVCHOST.EXE:1108 TCP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:3091 80.15.249.177:https CLOSE_WAIT
SVCHOST.EXE:1108 TCP JCARLSON:3068 localhost:1025 CLOSE_WAIT
SVCHOST.EXE:1108 TCP JCARLSON:3072 localhost:1025 CLOSE_WAIT
rtvscan.exe:904 UDP JCARLSON:2967 *:*
rtvscan.exe:904 UDP JCARLSON:3002 *:*
mstask.exe:964 TCP JCARLSON:1026 JCARLSON:0 LISTENING
LSASS.EXE:260 UDP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:isakmp *:*
LSASS.EXE:260 UDP wbar1.sjo1-4-4-023-137.sjo1.dsl-verizon.net:4500 *:*
dllhost.exe:748 TCP JCARLSON:4117 JCARLSON:0 LISTENING
dllhost.exe:748 TCP JCARLSON:43958 JCARLSON:0 LISTENING
CCPXYSVC.EXE:680 TCP JCARLSON:1025 JCARLSON:0 LISTENING
CCPXYSVC.EXE:680 TCP JCARLSON:1025 localhost:3698 TIME_WAIT
CCPXYSVC.EXE:680 TCP JCARLSON:1025 localhost:3701 TIME_WAIT
CCPXYSVC.EXE:680 TCP JCARLSON:1025 localhost:3718 TIME_WAIT
CCPXYSVC.EXE:680 TCP JCARLSON:1025 localhost:3756 TIME_WAIT
CCPXYSVC.EXE:680 TCP JCARLSON:1025 localhost:3776 TIME_WAIT
CCAPP.EXE:1448 TCP JCARLSON:3013 JCARLSON:0 LISTENING
CCAPP.EXE:1448 TCP JCARLSON:3014 JCARLSON:0 LISTENING
CCAPP.EXE:1448 TCP JCARLSON:3014 localhost:3693 TIME_WAIT

Did you look through the Event Viewer log files in case it's just hanging up trying to re-establish a remote connection to something that no longer exists?
How does it run when you unplug it from the Internet (open a locally saved HTML file)?
