Hi! guys

I have 4 running internet explorers on my machine inspite of accessing a single internet file.The PROCESS GOES BY THE NAME iexplore.exe

Then i got an nother explorer file called explorer.exe which is labeled as Windows explorer is this NORMAL. Coz im a little bit concerned.

It's normal.

What applications are you running when you notice the four "iexplore.exe" processes running? Generally, I wouldn't consider four of them running to be normal. You should download Process Explorer or Process Monitor from Technet and see what's running these processes. You should also consider doing a virus and *ware scan.

As for "explorer.exe", it should be running -- this is your Windows shell.

If you close Internet Explorer and you still have at least one iexplore.exe process running, I'd highly recommend both of the scans v0idE mentioned. Although it's a legitimate process, there is some malware that disguises itself to look like it. However, the only wild *ware I know of isn't subtle at all - first of all, it makes the majority of folders on your computer read-only - so I think you would have had more symptoms if that was the case. Regardless, run some scans. If you don't find anything and are still suspicious, I've heard good things about online virus scanner Housecall

Kill them...
See if they automatically reappear.
Then you'll know it's something going wrong and not a rogue process.

Thanks i have installed the Process Explorer unfortunately i found some backdoors and Remote access toolsin my system.

What i did is, i have compared the port numbers which i was suspicious about apart of the explorer and compared the port numbers results with the asorted trojan list http://www.simovits.com/trojans/trojans.html
i found the following ports affected 400,1836,1256,2156.

Right now i try to kill the processes using command prompt because i have tried the traditional way but i have failed even when i ran the laptop as an administrator it didnt work.

If you guys have any suggestions kindly let me know.

Good you found them.

Try out "taskkill -f -im iexplore.exe"

I have on elittle problem inspite of killing the processes once i restart the machine they run again so i was thinking of removing the process from the registry but unfortunately im afraid to spoil my machine.

And the problem right now is not on the explorer the problem is on svchost it runs a process known as ghostlogger, everytime i kill it when i restart the machine it get back.

illusioned wrote:I have on elittle problem inspite of killing the processes once i restart the machine they run again so i was thinking of removing the process from the registry but unfortunately im afraid to spoil my machine.

And the problem right now is not on the explorer the problem is on svchost it runs a process known as ghostlogger, everytime i kill it when i restart the machine it get back.

It sounds like you have an infection. Have you done a virus and *ware scan yet? This should be the next thing you do. I recommend the usual:

*ware scanners:

• Malware Bytes Anti-Malware
• Super Antispyware
• Spybot S&D
• Hijack This! (and post it on a Hijack This! forum to get it properly analysed)

Virus scanners:

• AVG Free
• Kaspersky (Internet Security, Anti-Virus, or online)
• Trend Micro Housecall

It's best to shut down all running applications and kill any unnecessary processes before scanning. If given the option, do a scan on boot. Do this twice to be thorough.
I would also check what is set to start on Start Up (Start bar > Run > msconfig > Startup) and disable anything that isn't critical.
If all else fails, back up critical data and format. But be sure you're not backing up infected data.

Also, don't use Internet Explorer.

If I were you I'd just format the machine and start fresh with an antivirus+firewall installation before you go online. Download Comodo Internet Security, back up the installer along with you files (careful when backing up executables though, remember right now you're in an infected machine), format, install Comodo, then connect again.