Internet Explorer Problem. Thoughts?

Discussion in 'ESET Smart Security' started by NBP Pipsquack Bird, Feb 2, 2008.

Thread Status:
Not open for further replies.
  1. NBP Pipsquack Bird

    NBP Pipsquack Bird Registered Member

    Joined:
    Aug 12, 2007
    Posts:
    59
    Location:
    Kingdom of NOD
    I'm not sure if this is an ESS issue, a Vista issue, a malware issue, or some combination of them. But maybe someone else has seen this and has some thoughts or can point me where to find answers.

    Running Vista 32 bit. Standard Allow firewall rule is set for IE. IE is set as a web browser and in active mode in ESS settings. I go a few weeks using IE with no problems. Then out of the blue one day I go to open IE from the desktop and ESS pops up an outbound firewall alert. Seems odd since I already had a rule for IE, but I set the rule for allow / remember.

    In looking into the matter, I go into Windows Task manager - Processes tab. I right click on iexplorer.exe and choose to open file location. Low and behold IE is running from the C:\Windows\winsxs folder. Usually iexplorer.exe runs from the C:\Program Files\Internet Explorer folder.

    From that point forward, no matter what I click on to open Internet Explorer, it opens from the winsxs folder. And supposedly the winsxs folder is where previous versions of software are kept.

    I will say, had I not gotten the outbound ESS alert I might not ever have noticed anything wrong. Internet Explorer still works and functions fine.

    I would like to know what is causing Internet Explorer to run from a backup location out of the blue. Vista error, malware, ESS issue?


    If anyone else has noticed this - can be checked from Task Manager, or if anyone has thoughts on this, please give a shout.
     
    NBP Pipsquack Bird, Feb 2, 2008
    #1
  2. ASpace

    ASpace Guest

    What about submitting the "Internet Explorer" exe to the online service VirusTotal (the one running from %windir%\WinSxS\ -> www.virustotal.com . Don't post the result here , just keep them for yourself.

    It might be a fake one . Also submit it to ESET in attachment - email samples[at]eset.sk

    Open ESS's firewall rules' setup , right click on any rule about iexplore.exe or Internet Explorer and remove it . Press Apply button .

    Now manually run iexplore.exe from %ProgramFiles%\Internet Explorer\iexplore.exe + allow this connection + remember action (create rule) for it . Anything else - keep blocked.
     
    ASpace, Feb 2, 2008
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...