TechSpot

[Active] Multiple iexplorer.exe's running, I only have one ie open

Inactive
By TYSTYX1
Jul 31, 2010
  1. Thanks for the help!
    Also, When I open a new tab another iexplorer.exe starts. Plus, my
    computer is running slowly. Thanks again for the help.
     

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Please run the following while I finish checking the logs:

    Download Bootkit Remover and save to your Desktop
    1. You then need to extract the remover.exe file from the RAR using a program capable of extracting RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
    2. After extracting remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users,right click on remover.exe and click Run As Administrator.
    3. You will see a Black screen with some data on it.
    4. Right click on the screen and click Select All.
    5. Press CTRL+C to Copy
    6. Open a Notepad and press CTRL+V to Paste.
    7. Include the report in your next post.



    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
     
  3. TYSTYX1

    TYSTYX1 TS Rookie Topic Starter

    Thanks for your help.
     

    Attached Files:

  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Good new from that scan!

    Please download ComboFix HERE and save to your desktop:

    Please disable all security programs, such as antiviruses, antispywares, and firewalls.
    • Double click on the setup file on the desktop to run
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
    • When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
      (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.)
    • Query- Recovery Console image
      [​IMG]
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      [​IMG]
    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a log.Please include the C:\ComboFix.txt in your next reply.

    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    Note: Make sure you re-enable your security programs, when finished..
     
  5. TYSTYX1

    TYSTYX1 TS Rookie Topic Starter

    Well thats good news!
    I couldnt get microsoft security essentials to stop running, still went on with the scan; Im glad it didnt mess up my comp.
     

    Attached Files:

  6. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Message from Bobbye:

    ==========================================================================

    This is perfectly normal.
    When you start IE8, it'll open TWO iexplore.exe processes. Opening every new tab will create new iexplore.exe process.

    =======================================================================

    Combofix log looks clean :)

    Uninstall Combofix:
    Go Start > Run [Vista users, go Start>"Start search"]
    Type in:
    Combofix /Uninstall
    Note the space between the "Combofix" and the "/Uninstall"
    Click OK (Vista users - press Enter).
    Restart computer.

    =======================================================================

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  7. TYSTYX1

    TYSTYX1 TS Rookie Topic Starter

    Thanks!
    Good to know.
    Too many characters to copy and paste.
     

    Attached Files:

  8. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Your computer would greatly benefit from adding another 512MB of RAM.

    =============================================================

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    =========================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      
      
      :Services
      
      :Reg
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
      "EnableFirewall" =dword:00000001
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  9. TYSTYX1

    TYSTYX1 TS Rookie Topic Starter

    Yeah i want a 2 gig stick.
     

    Attached Files:

  10. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Even 1 gig for XP is plenty....

    Looks good :)

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  11. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Are you still out there?
     
     
  12. TYSTYX1

    TYSTYX1 TS Rookie Topic Starter

    Im updating kaspersky database. Here are the other documents for now.
     

    Attached Files:

  13. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Looks good :)
     
  14. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Are you done with Kaspersky yet?
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.