2 iexplorer.exe in task manager. Please help

[Bobbye]

cpunoob, this thread was only begun 18 hours ago, There have been 25 replies. We try to divide out time so everyone can began getting help.

I ask that you be patient. I have begun checking the ZA log, but I'm going to shut for for the night. I'm tired. I need some sleep. I'll finish thus in the morning.

 

[cpunoob]

Oh no u guys have been more than enough help, i didnt mean to sound impatient. Was just getting a little confused I can't thank you enough for taking time out of your day to help a complete stranger. I will check here again when i get off work tomorrow. Thanks again and sleep well.

 

[Bobbye]

I found a jewel for you! See section titled Zone Alarm Log Info: http://robertpanderson.com/zonealarm1.html

It will explain what you are seeing. I remembered the FWIN- incoming and the FWOUT- outgoing, Here is PE: The "PE" entry informs you that an application on your computer attempted to access the Internet.

Example 1:
PE,2009/12/06,12:19:38 -5:00 GMT,Antivirus Scheduler,C:\Program Files\Avira\AntiVir Desktop\sched.exe,208.111.157.78:80,N/A

• PE> indicates that you said "yes," when you were prompted to allow an application on your computer to access the Internet.
• The IP208.111.157.78 address and the port number 80 is for Limelight Networks in AZ that Avira connected to.
• Avira contacted the internet and got the scheduled update.

Example 2:
ACCESS,2009/12/06,11:54:38 -5:00 GMT,Antivirus Scheduler was unable to obtain permission for connecting to the Internet (208.111.157.181:HTTP); access was denied.,N/A,N/A
On the other hand, Avira couldn't complete the update. Note the type of access was HTTP and Not to port 80.

Example 3:
PE,2009/12/06,10:00:20 -5:00 GMT,Dell Support,C:\Program Files\DellSupport\DSAgnt.exe,74.128.19.102:53,N/A
Dell Support program on your system attempted to contact the internet- most likely for an update.
Do you need to allow this to continually access looking for update? No. Turn off the auto-update feature.

Example: 4
ACCESS,2009/12/06,10:01:22 -5:00 GMT,Sonic Update Manager was temporarily blocked from connecting to the Internet (74.128.19.102NS).,N/A,N/A

ACCESS >an application was blocked because it did not have access permission.
IP74.128.19.102 is for Internet Connections Suite in KY
Sonic attempted internet access for update, but has not been given permission for this.

The firewall takes into consideration the IP address, the port number and the protocol. If it is satisfied that it meets all of the configurations that have been set, it will allow the connection.

If you look at the log, Sonic made 15 more attempts to access between 10:00:40 and 12:46:42 on this same date and the firewall blocked them.

I guess what I'm trying to show you is that the fewer auto-update you have, the less incoming and outgoing attempt to update or access will be made and the firewall can sit back and rest occasionally.

Another point to consider is what add-ons you have in the browser. Do any of them have internet access to send data? This could be another cause of extra activity

See this:
Firewall Forensics: What Am I Seeing by Robert Gramhan:

 

[cpunoob]

Ok so i got rid of the Sonic Update since i never use it. I switched to the Comodo firewall with hopes of less cpu usage and it seemed to have helped abit. I ran IE with no addons running and it still gives me the same problem. I did notice that if i open a video on youtube and mouse around in the video itself, it has no effect on the cpu. Only spikes when i navigate the page in IE. Could this maybe be a hardware issue? I noticed a small noise (buzz) coming from either the psu or gpu when im move the mouse around in IE only. Seems to get louder if the page is white. Have you ever heard of a virus that would cause the spiking issue? My main concern isnt the cpu spiking itself , its more so if a virus is the cause because i pay a few bills online. I can deal with the spikes as long as they arent hacking my money lol

 

[cpunoob]

I just noticed that when i load a web page the outbound connections listed in the firewal goes from 2 to 40+. They are all From IE. Is that normal?

 

[Bobbye]

The CPU usage is going to go up when the firewall is actively working. IF you're using IE as your browser, this is what you access the internet with, so activity will show for it. You have requested that the browser load a web page for you.

I cannot continue to spend extra time here. My job isn't to explain firewalls- I gave you some extra.

There is one thing I want you to do and that is to update Java. I want to see if that goes smoothly:
Check this site Java Updates

You need v6u17.

You should also Stay current on Windows Updates:
Visit the Microsoft Download Site
You should get All updates marked Critical and the current SP updates: Vista> SP2

If that goes well, I'll have you run an online AV scan and we'll finish up here. IF you have additional problems that are not related to the malware, you should start another thread in the appropriate forum. The buzz or mouse movement or hardware issue does not belong in the malware forum.

 

[cpunoob]

Both java and Windows are up to date.

 

[cpunoob]

what online AV scan shall i run?

 

[Bobbye]

I don't know- are you suppose to run one?

33 posts in 24 hours! Wow! You are still impatient! I'm helping some other members who have waited 2-3 days- some because I took extra time to educate you about firewall entries.

 

[cpunoob]

#1 I never asked you to educate me on firewalls.
#2 nothing i said implied that i was impatient. Do u see anything in my posts that says hurry or something to that effect?
#3 "If that goes well, I'll have you run an online AV scan and we'll finish up here. IF you have additional problems that are not related to the malware, you should start another thread in the appropriate forum. The buzz or mouse movement or hardware issue does not belong in the malware forum." thats a quote from you which is why i asked which one?
#4 If the work you volunteer for is becoming a chore and u have to make others feel bad for asking help (which is what i thought the purpose of this forum was) than i will lighten your load and take my issue else where. as for your comment "33posts in 24 hours!" i posted a question, you responded, i followed up, you responded again etc... Never once did i make you respond at a certain time or in a certain time frame, that was your own free will which i thanked you for several times. So you calling me impatient is not only inaccurate but rude. Have a nice day and thanks again for your time.

 

[kimsland]

Whilst waiting for Bobbye's response

I'd run a Memtest if I were you

>> Memtest Guide

 

[Bobbye]

I have No reply.