Computer Specs:
Dell Optiplex GX745 Intel(R)
Pentium(R) D CPU 3.00 GHz
2.99 GHz, 1.99 GB of RAM
Intel(R) Q965/Q963 Exoress Chipset Family
Hitachi HDS721616PLA380
Windows Service Pack 2 installed, and running Windows XP Professional Version 2002
A touch screen monitor (along with an optical mouse and average Dell keyboard).
(Would another other specifications be helpful?)
Issue:
This computer has three Iexplorer.exe processes running. One takes up aprox: 16,792 k, another takes up 41,052 k, and the last takes up 34,108 k. Norton Anti-Virus 2008 is blocking outgoing emails that the computer is trying to send - not emails that any of the users or I have tried to send, just the emails from whatever process, virus or malware that is trying to send them. If I use 'control' + 'alt' + 'delete' and select 'end process' for those IEXPLORE.EXE they will close, but just reopen later on anyway.
Important:
This is a lab computer were students and staff come down on a regular basis to work and use the internet, so I want to get this computer functional and keep it protected in the future. It would be wonderful to make sure this problem doesn't spread to more pc's on the network here, and I already have one other potential computer with this error happening so any advice on how to keep this issue contained would be great! Thanks!
History:
When I first began working on this computer it would freeze after a few minutes of start up, or after closing a window which said something about a 'program has encountered an error and needs to close' (I should have written this down!).
The computer would also try to up-date and scan with AVG, and AVG would show warning notifications that there were viruses on the computer.
If I tried to use AVG to scan or quarantine the items it found, it might work for the first few items or scan for a short while (5 or 10 min - I usually left the pc to do a scan while I worked on other computers) but then the computer would freeze.
If I tried to go into Safe-mode the computer would blue screen with a message 'IRL_NOT_LESS_OR_EQUAL'.
Eventually, through luck or by removing AVG anti-virus, I was able to get the computer to stay on without freezing or blue screening when entering safe mode. I installed Norton Anti-virus 2008 and spybot shortly after. My guess is that the infected file that AVG was blocking was an essential file for the computer to run, and having removed AVG I was able to let that process run free - for better or for worse. Again, another thing I should have written down. Retrospect is killer! But, lesson learned.
Now, the Norton Help and Support pop up window comes up and lists anywhere from 60 - 300 notifications which are listed in the same window but as a # out of total #. If I close one of the windows it just cycles through all of the pop-up warnings about an email not getting through. Besides being slightly annoying to have these pop ups from Norton, something must be wrong with the computer. I could just avoid the pop-ups from Norton by turning off the outgoing email scanner, but that doesn't really fix the problem.
I can now get into safe-mode just fine. There are no more blue-screens, and I haven't installed any new hardware ever while working on this computer.
I have turned off system restore in the hopes that I could scan with anti-virus programs and keep the virus from coming back and although I have already removed some trojans from this pc, this IEXPLORE.EXE problem still remains.
When I use 'control' + 'alt' + 'delete' I see that several IEXPLORE.EXE processes are running. Currently there are three running.
From what I have read on the web it, and on this forum (I cannot add links yet because my forum posts are too low currently) it sounds like this is a virus or malware of some sort.
What I Have Done so far:
Un-installed AVG
Installed Norton Anti-virus 2008
Ran scans with Norton Anti-virus 2008 - removed Trojans - I can upload a list if you wish.
Installed Spybot
Ran scans with Spybot and removed items - I can upload a list if that is helpful.
Installed and run SUPERAntispyware - removed the items it found.
Downloaded, installed and ran VundoFix v7.0.5 - nothing was found.
Downloaded, installed and ran Malwarebytes' Anti-Malware. Items found. Log to be included.
I also downloaded and installed HJT, but instead of renaming it 'Crusty' I added an 'e' to the end - in the case that malware has re-modified again to find the new name this site suggests.
I have read the links about virus and malware and am working through the rest of steps now, so please bear with me.
During the process of these scans I have closed and shut down Norton Anti-virus because the notification window for Help and Support keeps popping up about the blocked outgoing emails. That windows a real nuisance because you have to close it for each individual email that is being blocked, and at 150 it gets pointless to bother trying to close it anymore. I also read that while running these scans listed above that it's a good idea to close anti-virus programs as well. Do I have that correct?
Further Questions:
I read somewhere that I should install spybot but un-check the option for teatimer. Can someone help me understand why?
Update:
5/21/2008
I have run the programs listed above in the 'What I have Done So Far' section, and after a reboot it seems that the IEXPLORE.EXE is not running when I check with the Task Manager. I don't come back to work for a couple of days so I will see how it works in the meantime. Please feel free to give me any feedback about what I have done so far, or any suggestions you may have. Thanks!
This is a post in process as I work through these steps. Thanks for your patience!
I have read the page you linked (as I stated above), and listed the areas which I have done. I would like to show the hijackthis logs, but I am not sure what the best way to post the logs on this forum would be. These logs are quite long so is there some way to post them via a link? What would you suggest?
Also, I have installed Norton 2008 - is this considered a poor choice of anti-virus protection? If so what anti-virus programs would you suggest for a non-profit organization (less expensive package deals and or free anti-virus software - we purchased the Norton 2008 software from the website techsoup.org at a great price.)
Thank you for your advice so far!
Update:
6/3/2008
HijackThis logfile included. I was unable to turn off Norton before the scan, I hope this doesn't interfere too badly. View attachment 33068
First scan with Malwarebytes View attachment 33069
Fist scan results with Superantispyware View attachment 33070
Update:
6/5/2008
I have noticed that the teachers here at the school use USB drives to backup their documents, and this may very well be a trouble-spot for spreading viruses. Any suggestions that I could do to keep viruses to a minimum when these USB keys come in from home, then get used on the computers at the school? I have considered using a Mac to scan all of the USB's first (this is assuming that the viruses that may be on the USB are pc viruses only), then to let the teachers use the USB on the pc's.
Dell Optiplex GX745 Intel(R)
Pentium(R) D CPU 3.00 GHz
2.99 GHz, 1.99 GB of RAM
Intel(R) Q965/Q963 Exoress Chipset Family
Hitachi HDS721616PLA380
Windows Service Pack 2 installed, and running Windows XP Professional Version 2002
A touch screen monitor (along with an optical mouse and average Dell keyboard).
(Would another other specifications be helpful?)
Issue:
This computer has three Iexplorer.exe processes running. One takes up aprox: 16,792 k, another takes up 41,052 k, and the last takes up 34,108 k. Norton Anti-Virus 2008 is blocking outgoing emails that the computer is trying to send - not emails that any of the users or I have tried to send, just the emails from whatever process, virus or malware that is trying to send them. If I use 'control' + 'alt' + 'delete' and select 'end process' for those IEXPLORE.EXE they will close, but just reopen later on anyway.
Important:
This is a lab computer were students and staff come down on a regular basis to work and use the internet, so I want to get this computer functional and keep it protected in the future. It would be wonderful to make sure this problem doesn't spread to more pc's on the network here, and I already have one other potential computer with this error happening so any advice on how to keep this issue contained would be great! Thanks!
History:
When I first began working on this computer it would freeze after a few minutes of start up, or after closing a window which said something about a 'program has encountered an error and needs to close' (I should have written this down!).
The computer would also try to up-date and scan with AVG, and AVG would show warning notifications that there were viruses on the computer.
If I tried to use AVG to scan or quarantine the items it found, it might work for the first few items or scan for a short while (5 or 10 min - I usually left the pc to do a scan while I worked on other computers) but then the computer would freeze.
If I tried to go into Safe-mode the computer would blue screen with a message 'IRL_NOT_LESS_OR_EQUAL'.
Eventually, through luck or by removing AVG anti-virus, I was able to get the computer to stay on without freezing or blue screening when entering safe mode. I installed Norton Anti-virus 2008 and spybot shortly after. My guess is that the infected file that AVG was blocking was an essential file for the computer to run, and having removed AVG I was able to let that process run free - for better or for worse. Again, another thing I should have written down. Retrospect is killer! But, lesson learned.
Now, the Norton Help and Support pop up window comes up and lists anywhere from 60 - 300 notifications which are listed in the same window but as a # out of total #. If I close one of the windows it just cycles through all of the pop-up warnings about an email not getting through. Besides being slightly annoying to have these pop ups from Norton, something must be wrong with the computer. I could just avoid the pop-ups from Norton by turning off the outgoing email scanner, but that doesn't really fix the problem.
I can now get into safe-mode just fine. There are no more blue-screens, and I haven't installed any new hardware ever while working on this computer.
I have turned off system restore in the hopes that I could scan with anti-virus programs and keep the virus from coming back and although I have already removed some trojans from this pc, this IEXPLORE.EXE problem still remains.
When I use 'control' + 'alt' + 'delete' I see that several IEXPLORE.EXE processes are running. Currently there are three running.
From what I have read on the web it, and on this forum (I cannot add links yet because my forum posts are too low currently) it sounds like this is a virus or malware of some sort.
What I Have Done so far:
Un-installed AVG
Installed Norton Anti-virus 2008
Ran scans with Norton Anti-virus 2008 - removed Trojans - I can upload a list if you wish.
Installed Spybot
Ran scans with Spybot and removed items - I can upload a list if that is helpful.
Installed and run SUPERAntispyware - removed the items it found.
Downloaded, installed and ran VundoFix v7.0.5 - nothing was found.
Downloaded, installed and ran Malwarebytes' Anti-Malware. Items found. Log to be included.
I also downloaded and installed HJT, but instead of renaming it 'Crusty' I added an 'e' to the end - in the case that malware has re-modified again to find the new name this site suggests.
I have read the links about virus and malware and am working through the rest of steps now, so please bear with me.
During the process of these scans I have closed and shut down Norton Anti-virus because the notification window for Help and Support keeps popping up about the blocked outgoing emails. That windows a real nuisance because you have to close it for each individual email that is being blocked, and at 150 it gets pointless to bother trying to close it anymore. I also read that while running these scans listed above that it's a good idea to close anti-virus programs as well. Do I have that correct?
Further Questions:
I read somewhere that I should install spybot but un-check the option for teatimer. Can someone help me understand why?
Update:
5/21/2008
I have run the programs listed above in the 'What I have Done So Far' section, and after a reboot it seems that the IEXPLORE.EXE is not running when I check with the Task Manager. I don't come back to work for a couple of days so I will see how it works in the meantime. Please feel free to give me any feedback about what I have done so far, or any suggestions you may have. Thanks!
This is a post in process as I work through these steps. Thanks for your patience!
I have read the page you linked (as I stated above), and listed the areas which I have done. I would like to show the hijackthis logs, but I am not sure what the best way to post the logs on this forum would be. These logs are quite long so is there some way to post them via a link? What would you suggest?
Also, I have installed Norton 2008 - is this considered a poor choice of anti-virus protection? If so what anti-virus programs would you suggest for a non-profit organization (less expensive package deals and or free anti-virus software - we purchased the Norton 2008 software from the website techsoup.org at a great price.)
Thank you for your advice so far!
Update:
6/3/2008
HijackThis logfile included. I was unable to turn off Norton before the scan, I hope this doesn't interfere too badly. View attachment 33068
First scan with Malwarebytes View attachment 33069
Fist scan results with Superantispyware View attachment 33070
Update:
6/5/2008
I have noticed that the teachers here at the school use USB drives to backup their documents, and this may very well be a trouble-spot for spreading viruses. Any suggestions that I could do to keep viruses to a minimum when these USB keys come in from home, then get used on the computers at the school? I have considered using a Mac to scan all of the USB's first (this is assuming that the viruses that may be on the USB are pc viruses only), then to let the teachers use the USB on the pc's.
