iexp1orer.exe - Dangerous
iexp1orer.exe
Manual removal instructions:
Antivirus Report of iexp1orer.exe:
iexp1orer.exe
W32.Multex.B is a worm that attempts to exploit the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011).
It also attempts to propagate through the Kazaa file-sharing network by copying itself as the different files in the Kazaa share folders.
Starts an FTP server on a randomly chosen TCP port.
Attempts to make a connection to a randomly generated IP address on TCP port 445.
If successful, the worm sends shell code to the remote computer, which may cause it to run a remote shell on a randomly chosen TCP port.
Connects back to the FTP server on the port by using a shell, then downloads a copy of the worm.
Sends a predetermined message to all ICQ contacts.
Some of these messages display URLs that can download a copy of either W32.Mydoom.V@mm or Backdoor.Nemog.C.
Manual removal:
Navigate to the key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
and delete the value: "iestart"="%System%\iexp1orer.exe"
| iexp1orer.exe | Malware |
| iexp1orer.exe | Dangerous |
| iexp1orer.exe | High Risk |
It also attempts to propagate through the Kazaa file-sharing network by copying itself as the different files in the Kazaa share folders.
Starts an FTP server on a randomly chosen TCP port.
Attempts to make a connection to a randomly generated IP address on TCP port 445.
If successful, the worm sends shell code to the remote computer, which may cause it to run a remote shell on a randomly chosen TCP port.
Connects back to the FTP server on the port by using a shell, then downloads a copy of the worm.
Sends a predetermined message to all ICQ contacts.
Some of these messages display URLs that can download a copy of either W32.Mydoom.V@mm or Backdoor.Nemog.C.
Manual removal:
Navigate to the key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
and delete the value: "iestart"="%System%\iexp1orer.exe"
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.