Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer runs slowly


  • Please log in to reply
4 replies to this topic

#1 Epao

Epao

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 15 February 2010 - 10:40 PM

I have a Dell Dimension 4700C running Windows XP Pro SP3. About a month ago my PC was infected with the Internet Security 2010 virus. I believe that I cleaned the virus. However, since then my PC seems to run slowly.

I scan using Adware Free, Spybot and Malware bites and there is no malware or spyware. I use AVG Free for virus scan, no viruses detected.

I tested the unit on PC Pitstop and I see that at times the RAM utilization is over 80%. When I looked at the processes running I noticed that there were two instances of Interenet Explorer running.....one consuming 53 MB of RAM and a second one consuming 102 MB of RAM. Could this be causing some of my issues?

What info would be needed to look into the problem further?

Edited by Pandy, 15 February 2010 - 11:57 PM.
Moved from Windows XP Home and Pro ~Pandy


BC AdBot (Login to Remove)

 


#2 Sashacat

Sashacat

  • Members
  • 372 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 16 February 2010 - 02:48 PM

Two instances of
iexplore.exe
or
explorer.exe running?

Were you running Internet Explorer at the time (on purpose) ?
If we don't change the direction we are going,
We are likely to end up where we are headed.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,087 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:33 PM

Posted 17 February 2010 - 09:59 PM

If you do a Google search for multiple instances of iexplore.exe running in Task Manager, you will find numerous complaints with various causes and possible solutions. This problem could be malware or non-malware related. There are worms like W32/Lovgate-AD that will cause the same problem you are experiencing. In addition to other files it drops iexplore.exe in C:\Windows\system32. The legitimate iexplore.exe is located in the C:\Program Files\Internet Explorer folder. Make sure of the spelling. If it is iexplor.exe or iexplorer.exe, then it's malware. Also check to make sure iexplore.exe is not loading at startup as that too can be malware.

Note: If using Internet Explorer 8 or Windows 7, the browser will run an extra instance of iexplorer.exe as part of the Loosely-Coupled IE and Automatic Crash Recovery features. ACR stores information about a browsing session on the hard disk so that in the event of a browser crash, hang, or other unexpected shutdown, it you to resume the last browsing session. If using multiple tabs, ARC allows recovery of all opened tabs in case of a browser failure. Essentially that allows Internet Explorer to prevent itself from closing when a web site in one tab crashes. In order to this, Internet Explorer 8 will open a new process for the main window and another process with any opened tab. As such, it is not unusual to find multiple instances of iexplore.exe running in Task Manager. More information about ACR and LCIE can be found on the IEBlog and an explanation of multiple instances of iexplorer.exe is provided by DON, MS MVP IE here. One drawback of this new feature is that ACR has been reported to utilize high memory resources.

Most of the processes in Task Manager will be legitimate as shown in these links.Determining whether a file is malware or a legitimate process usually depends on the location (path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file like svchost.exe. However, it then places itself in a different location (folder) than where the legitimate file resides and runs from there. Another techinique is for the process to alter the registry and add itself as a Startup program or service so that it can run automatically each time the computer is booted. Keep in mind that a legitmate file can also be infected by some types of malware. such as Virut which is a dangerous polymorphic file infector. A file's properties may give a clue to identifying it. Right-click on the file, choose Properties and examine the General and Version tabs.

Tools to investigate running processes and gather additional information to identify them and resolve problems:These tools will provide information about each process, CPU usage, file description and its path location.

Anytime you come across a suspicious file or one that you do not recognize, search the name using Google <- click here for an example.

Or search the following databases:If you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

Edited by quietman7, 18 February 2010 - 08:31 AM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Epao

Epao
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 17 February 2010 - 10:58 PM

I have two versions of iexplore.exe running. I am running Internet Explorer 8. Is there any way to disable or modify the Automatic Crash Recovery feature so that it consumes less memory?

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,087 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:33 PM

Posted 18 February 2010 - 08:33 AM

I edited my previous note about ACR to provide you (and others reading this thread) with more information.

Disabling ACR is not recommended, but if you want to do so, please refer to:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users