TechSpot

Multiple "iexplore.exe" (does it ever stop?)

By sowipeout
Mar 31, 2010
  1. Good Day,

    I've the dreaded curse....years of going free and clean on the web and now this..

    "honey...the page won't close and the cursor thing doesn't move " ...

    *lets take a look* hmmm.....eight iexplore.exe's running....strange that is...

    Logs are attached, I have done the seven steps previous. Two iexplore.exe's are running as I type this.

    Thank you
     

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! The good news is that it is normal to have multiple iexplore.exe processes with IE8

    Read up on this version: IE8 - What Are They Thinking?

    Ther bad news is that you have a 64 bit operating system and some programs don't scan correctly- one being HijackThis.
    Please download OTS to your Desktop
    • Close all other programs.
    • Double-click on OTS.exe to start the program.
    • Check the box that says Scan All Users
    • Under Additional Scans check the following:
      [o] Reg - Shell Spawning
      [o] File - Lop Check
      [o] File - Purity Scan
      [o] Evnt - EvtViewer (last 10)
    • Now click the Run Scan button on the toolbar.
    • Let it run unhindered until it finishes.
    • When the scan is complete Notepad will open with the report file loaded in it.
    • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

    Attach the report in next reply.
     
  3. sowipeout

    sowipeout TS Rookie Topic Starter

    Thank you for your quick reply....


    I'll go read your post about IE...


    On a side note...I see you're a home town brother....I'll have to throw you a bbq for the help.
     

    Attached Files:

    • QTS.txt
      File size:
      104.6 KB
      Views:
      2
  4. sowipeout

    sowipeout TS Rookie Topic Starter

    Okay...I dumped IE8... running firefox again....I'll await your critique on my logs.
    Beautiful weather we're having, no?
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Hey neighbor- I have asked Broni for assistance with the log. He is more experienced with OTS and can get you through a lot quicker. I'll keep checking the thread but you will be in good hands.

    Yes, weather is great- could handle this year round!
     
  6. sowipeout

    sowipeout TS Rookie Topic Starter

    Sounds good ....

    I'm not in any panic or hurry...take care of those here with suicidal tendencies and tear streaked faces...

    I'm heading to Dog Beach to check out my wife's new friends...=p
     
  7. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  8. sowipeout

    sowipeout TS Rookie Topic Starter

    Thanks Broni...

    Hope I did as instructed..I doubt it, but miracles do happen
     

    Attached Files:

  9. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
      O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      [2009/10/20 08:30:22 | 000,000,759 | ---- | C] () -- C:\Windows\ost.INI
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  10. sowipeout

    sowipeout TS Rookie Topic Starter

    I did as you asked.....

    but your fix broke my access to the wide world webster....so I had to restore to last nights restore point... here are the texts you requested....

    let me know where we stand now..
     

    Attached Files:

  11. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Well, you can't use system restore while we're in the middle of fixes.
    What is "wide world webster"?

    What are the current computer issues?
     
  12. sowipeout

    sowipeout TS Rookie Topic Starter

    wide world webster = www

    Broni....I can restore when the fixes bust the computers ability to use the router....OTL did the fixes you had me paste in and it busted the pc's ability to use the network. So, restoring the pc back one day puts us back one day...which...will give you the chance you need to find out why the instructions to "fix" our issues created a more major one

    what did you think of the logs?

    The present issues I'm having since the "fix" , are a sluggish pc, but I'm sure that's because of the restore process. I have no unusual processes running and unless I'm mistaken, I'd say that this machine is fairly clean.
     
  13. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Are you saying, that after applying my fixes you lost internet connection?

    Then, please describe, what exact issues you're having with your computer, because they're unclear to me.
     
  14. sowipeout

    sowipeout TS Rookie Topic Starter

    When I ran Firefox, it would NOT connect to ANY address. " Firefox has failed to load www.anywebsite.com "

    Outlook could not send or receive and the Network Solutions could not find any issues to fix.

    As I gleaned from your fix, all the temp folders and caches were emptied so that would explain the missing bookmarks, which were plenty. ( I should have backed them up, gah.)

    Although the Network connection showed no issues, there was no using it.

    I rebooted the router hoping it would reconfigure, but it changed nothing.

    <---- this was in the "NewOTL" log...not that it tells me much.

    So, it was Saturday at 10 am that the fix was applied and I restored to Friday 12 am. Not to much damage in terms of what we've accomplished so far.
     
  15. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    OK, I went over all logs again and we're not dealing with any infection here. At least, I don't see any.
    In that case, no harm done by using system restore.

    What are the current issues?
     
  16. sowipeout

    sowipeout TS Rookie Topic Starter

    It appears that there are no issues.

    I thank you and Bobbye for your time and effort and if you ever feel the need to leave that left coast and head towards paradise ( like SoCal was fourty years ago) here in Florida...I'll throw you and Bob a bbq fit for a king.

    Thanks for your time and the solutions to my Internet Explorer nightmare.
     
  17. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Awww....thank you :)
     
  18. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Thanks for your help Broni.

    I think the FL weather might be a bit better for a BBQ- looks like the West Coast is having or getting wind and rain.
     
  19. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Holy smoke! I've never seen so much rain around here....still raining :(
    You guys are welcome :)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...