Solved RAM problems + too many copies of IE\iexplore.exe running

Stopping for Tonight

I need to get some sleep so I'll pick back up tomorrow with Step 3 (right after step 2, TFC). Note that TFC didn't generate a log, but I guess you know that.
 
ESETScan Log

C:\Program Files\Yontoo Layers\YontooIEClient.dll Win32/Adware.Yontoo.A application
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP802\A0177955.msi a variant of Win32/SlowPCfighter application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP802\A0177964.rbf a variant of Win32/SlowPCfighter application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP804\A0177986.msi a variant of Win32/SlowPCfighter application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP804\A0177994.rbf a variant of Win32/SlowPCfighter application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP804\A0178076.exe a variant of Win32/Adware.Gamevance.BE application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP821\A0185580.dll a variant of Win32/Adware.Yontoo.B application
 
Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process.

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please let me know how your computer is doing.
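The restore-point reset in step 1 follows from where the ESET findings sit on disk. As an added example (not part of any post in this thread, and not ESET or OTL code), this Python sketch sorts ESET log lines by location: System Restore store, ComboFix quarantine folder, or a live path. The function names and the three location labels are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Five lines copied from the ESET log in this thread, covering each location type.
SAMPLE_LOG = r"""
C:\Program Files\Yontoo Layers\YontooIEClient.dll Win32/Adware.Yontoo.A application
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP802\A0177955.msi a variant of Win32/SlowPCfighter application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP804\A0178076.exe a variant of Win32/Adware.Gamevance.BE application
C:\System Volume Information\_restore{22736186-57A4-4FC6-8A70-56A81AF14013}\RP821\A0185580.dll a variant of Win32/Adware.Yontoo.B application
"""

# Path (may contain spaces), optional "a variant of", detection name, object type.
LINE = re.compile(
    r"^(?P<path>.+?)\s+(?P<variant>a variant of\s+)?(?P<name>\S+/\S+)\s+(?P<kind>\w+)$")
# Windows XP System Restore store; the group captures the restore point folder.
RESTORE = re.compile(r"\\System Volume Information\\_restore\{[^}]+\}\\(RP\d+)\\", re.I)
# Folder where ComboFix keeps the files it quarantined.
QUARANTINE = re.compile(r"\\Qoobox\\Quarantine\\", re.I)

def classify(path):
    """Return (location label, restore point name or None) for a file path."""
    m = RESTORE.search(path)
    if m:
        return "restore_point", m.group(1)
    if QUARANTINE.search(path):
        return "quarantine", None
    return "live", None

def triage(log_text):
    """Group parsed findings by where the flagged file is stored."""
    buckets = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank line or a line in another format
        location, rp = classify(m["path"])
        buckets[location].append({"path": m["path"], "detection": m["name"],
                                  "variant": m["variant"] is not None,
                                  "restore_point": rp})
    return dict(buckets)

def affected_restore_points(buckets):
    """Restore points that would bring a flagged file back if rolled back to."""
    return sorted({f["restore_point"] for f in buckets.get("restore_point", [])})

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print({k: len(v) for k, v in result.items()}, affected_restore_points(result))
```

Findings under `restore_point` are copies held inside old snapshots, which is what `[CLEARALLRESTOREPOINTS]` discards; findings under `quarantine` go away with the tool cleanup in step 2.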
 
OTL

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Bonnie Vance
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Rodney Vance
->Temp folder emptied: 1225133 bytes
->Temporary Internet Files folder emptied: 21270199 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 239 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 702 bytes

Total Files Cleaned = 22.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Bonnie Vance
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: Rodney Vance
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.31.0 log created on 10292011_181248

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Rodney Vance\Local Settings\Temporary Internet Files\Content.IE5\WU7D8E1R\274687_509736987_2696211_q[1].jpg not found!
File\Folder C:\Documents and Settings\Rodney Vance\Local Settings\Temporary Internet Files\Content.IE5\WU7D8E1R\276216_1404805956_1577417_s[1].jpg not found!
File\Folder C:\Documents and Settings\Rodney Vance\Local Settings\Temporary Internet Files\Content.IE5\WU7D8E1R\371072_100000600722401_1626729114_q[1].jpg not found!
File\Folder C:\Documents and Settings\Rodney Vance\Local Settings\Temporary Internet Files\Content.IE5\WU7D8E1R\371581_100000329922213_2124425805_q[1].jpg not found!
File\Folder C:\Documents and Settings\Rodney Vance\Local Settings\Temporary Internet Files\Content.IE5\WU7D8E1R\ai[2].htm not found!

Registry entries deleted on Reboot...
 
Still having a few problems:

1. The system seems to be just as slow or maybe even a little slower than before

2. Two things started happening after running all those programs:
a) Every time I reboot, a message flashes on the screen very fast (too fast to read entirely) but I get the impression it’s asking me to run the Microsoft Recovery Console, which I will only do when there is a complete failure and I replace the hard drive, for example. I’ve been afraid to press F8 repeatedly to see what it does, so I let it go allowing Windows to start and the system to come up and perhaps ask you later if you have any ideas. (Note that I have the Sony recovery discs from the time they replaced my hard drive the first time; but I will only run those following a catastrophic failure or hard drive replacement because I'll have to spend the next several days reloading everything!);
b) A message from AVG appears on screen saying that an “unspecified error occurred in AVG; send diagnostic data to AVG Tech Support? Y/N” I always reply Yes. I have no idea what that error could be because it doesn’t provide the information in a readily accessible form.

3. The RoboForm System Tray Icon disappears and I have to do a search in program files to find it and get it restored

Finally, a note on my status: I started back to work today after being out for knee surgery since the middle of October, so I only have evenings and weekends to reply and try other solutions. Do you have any ideas about where to go from here on these issues?
 
2. Recovery Console is a very important troubleshooting tool in Windows XP and it should be present on every computer.
Leave it alone.

1. In this forum, we make sure your computer is free of malware, and your computer is clean :)
Because access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
You'll get more attention.

Good luck!
 
Broni - Can't remember where you moved my topic to. Still having problems and it appears that IE8 could be the problem. Pls send this to the person who is going to be helping on this issue. Thanks!
 
I’m referring to this thread I started a couple of weeks ago that you helped me extensively on: “[Solved] RAM problems + too many copies of IE\iexplore.exe running.” The problem is that it’s not solved just yet; i.e., there are still problems with excessive memory usage, the system is slow, AVG pops up a warning which indicates that IE 8 is the problem. Should I repost this as a new thread on the OS forum? Thanks!
 
Okay, here's a copy of my 1st note that you responded to a couple of weeks ago:

"I just joined TechSpot today in hopes of finding a solution to the system memory problems I’ve been experiencing for several months now. I’m running Windows XP Pro MCE w/SP3 & IE8; in addition, I use Windows Firewall & AVG AV-Free.
I’ve used Task Manager-“Programs” & “Performance” and other programs to try and find the large memory usage swings and perhaps pinpoint the location of trouble. I’ve seen very large fluctuations in CPU memory usage ranging from 3 or 4% all the way up to 100% & back down again, all within a few seconds. IE8 seems to have the largest memory swings, but other programs are also contributors. A couple of days ago, I downloaded SuperAntiSpyware and the first run found and removed numerous Trojans & Malware. I noticed a link on the SAS website to FileResearch offering a free scan to “find out what’s running on your system.” I ran this program and found both expected and unexpected results; i.e., the unexpected showed 2 copies of “C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE” running. Note: I just ran FileResearch again and now 5 copies are running! Also, iexplore.exe does not appear in the Add or Remove Programs listing that I can find, meaning I can’t uninstall it. Does anyone have suggestions?"

I'm logging off for tonight so I can get some sleep. I'll check my email tomorrow evening to see if there is a response yet. Have a good night.
 
Excessive Memory Usage (IE8?)

Still having problems with excessive memory usage, the system is very slow, AVG warns that IE8 is using excessive memory and for me to close it and re-open it.
 
Slow Performance Due To Excessive Memory Being Taken Up By?? IE8??

Okay, stating the main issues EXACTLY:

1) Something is taking up too much physical memory and slowing down my system.

2) On boot-up, a Windows "recovery" option comes up but quickly disappears before starting Windows. In the past, I would tap F8 until the recovery program opened up; then, I could run recovery disks.
 
2. It's Recovery Console installed by Combofix.
Recovery Console is a very important troubleshooting tool and it should be installed on every XP computer.

1. No. I need the EXACT message that AVG gives you.
BTW, AVG may be an actual culprit.
 
[Solved] RAM problems + too many copies of IE\iexplore.exe running

1) Thanks for explaining Recovery Console installation & purpose. One concern cleared up!

2) The AVG Message says, "AVG Advisor message; AVG detected high memory usage by the following application: IE8, Total memory used: ???MB AVG recommends closing and reopening the application for faster performance."
 
Open IE, go to Tools > Internet Options > Advanced tab, and click on the "Reset" button.
Restart IE.
See if AVG will still complain.
 