Solved

RAM problems, maybe because of Explorer.Exe ???

Posted on 2004-09-17
10
193 Views
Last Modified: 2010-04-13
Hello,
lately I noticed that my PC with 256 Mb RAM takes a long time even to open an internet explorer window. I removed all the spywares (with spysweeper and adaware) except maybe one that opens some popup blank window but I had the problem also before getting that spyware.
I checked in the tasks manager and I noticed that the file Exploere.Exe (notice the capital letters) is quite big when I start the system, like 4000 Kb, it goes up to 12000 Kb when I got everything started (mainly Mcafee, Spysweeper, YMessenger). If I close all those programs it's still big. If I kill it it restarts usually as explorer.exe (no capitals) and it takes 8400 Kb. Is it normal ???
I got other huge files, like Ypager that takes 23000 Kb  and Internet explorer that takes 20000 Kb. I also have many other processes that are in the 1000-4000 Kb, all system processes. Is this normal or should I do something about it ???
Thanks,
Max
0
Comment
Question by:maxone
10 Comments
 
LVL 17

Expert Comment

by:Jared Luker
ID: 12088800
That is a virus.

Got to housecall.trendmicro.com and run a free scan, since it's obvious that your AV scanner is not picking it up.

What AV are you useing?  How long has it been since your definitions have been updated?

Thanks,

Jared
0
 

Author Comment

by:maxone
ID: 12089127
Hello,
I am using McAfee Viruscan Enterprise 7.0.0 that is updated daily
for the spyware I use AD Aware by Lavasoft  that is also quite updated and Webroot Spysweeper shareware version.

I will try to do what you suggested and let you know, many thanks !

Max
0
 

Author Comment

by:maxone
ID: 12089536
I found some malaware and cleaned it.
Running again the scan from trendmicro  nothing was found.
Explorer.Exe is now around 6000 Kb in size, Internet Explorer still around 20000.
Right now while I am writing I have 2 Internet Explorer sessions opened, the one that was 20000 lovered down to 12000, the other session is around 9000 Kb. One session is for this message, the other one is the trendmicro website.
I got then Yahoo Messenger at 21000 Kb.
If you tell me that it's the right size for everything then ok !  :o)
If you want I can try to send you a monitor shot of my video so you can see the complete list of the running processes and their size.

Max
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 17

Accepted Solution

by:
Jared Luker earned 250 total points
ID: 12090121
Have you tried spybot s&d?
0
 
LVL 3

Expert Comment

by:4ceReconSniper
ID: 12090399
spybot is better than adaware, and go to symantec.com there is an online pc clinic there, also change your antivirus i prefer and use avast www.avast.com, its powerful, free, customizable, ive been using it for years no problem
0
 
LVL 1

Expert Comment

by:markoidwilson
ID: 12091409
Those vaules seem fine explorer will usually be in the top ten proccesses for memory along with the likes of iexplorer and svchost etc.
0
 

Author Comment

by:maxone
ID: 12091598
thank you.
Spybot found something that it's not able to remove, but it's under HKEY_USERS\Default\software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3  and it says it's a Data source object exploit...so I am not sure it's a real spyware.  
Three different antivirus (McAfee, Trendmicro and Avast) found no viruses on my system.  Four spyware cleaning systems (AdAware, SpySweeper, SpyHunter and Spybot) found different spywares, not many to be honest. Now the pc is immunized by Spybot, but still when I open Internet Explorer after turning on the computer I get a popup window with some advertisement. I was wondering if maybe it's one of those antivirus/spyware cleaners that send me advertisement :o)) I must get rid of those ads.

Thanks also to Markoidwilson, now apart from ypager and spybot, the biggest thing I have in memory is 15000 Kb for IExplorer.

Max

0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now