Solved

Multiple copies of Internet Explorer popping up

Posted on 2007-11-17
5
2,069 Views
Last Modified: 2013-12-08
A friend was given an old computer.  It has Windows 2000.  I cleaned it up and installed 500 MB of RAM.

When she initiates Yahoo Messenger, a LARGE number of Internet Explorer instances start up, as evidenced by the task bar.  Like, 20 or 30 or more.  At that point, the machine slows to a crawl.  It gets so slow that it actually appears to stop dead.  But the IE's keep coming and coming.

It occurred to me that the machine is possibly infected with a virus.  There is an older version of Symantec installed, but when it gets around to it, it pops up a yellow message box stating "Virus protection is disabled", or something like that.

I can't seem to get to the Symantec "Main" window, to turn it on, or do a Scan.

I'm thinking to just purchase an up-to-date Symantec Virus package.  But before I spend any money on this, I thought I would check here.

Question:  Is this strange I.E. behavior possibly some kind of system malfunction?  Or am I right in thinking it may be infected?  If so, I would like an opinion on what virus protection to get.  I'm not particularly in love with Symantec.

- - Norma Posy
0
Comment
Question by:NormaPosy
5 Comments
 
LVL 16

Expert Comment

by:2PiFL
Comment Utility

It's infected.  A lot of people I know like AVG anti virus: http://avg.downloadzsoftware.com/?OVRAW=avg&OVKEY=avg&OVMTC=standard&OVADID=4009771522&OVKWID=35362031022

I recommend  adding the infected drive as a slave to a fully protected and updated system and scanning it yntil it's clean.  Doing it this way ensures that all files get scanned and cleaned as none (i.e. system files) will be in use.
0
 
LVL 63

Accepted Solution

by:
SysExpert earned 500 total points
Comment Utility
Definitely malware

malware - Leetutor list
Have you tried running virus scans and spyware scans  This could be a problem with viruses/trojans/spyware or other malware. Some free online virus scanners:

http://housecall.antivirus.com  

http://www.pcpitstop.com/antivirus/default.asp

http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Also try these free programs to rid your system of spyware, trojans, and other malware:

http://download.com.com/3000-2144-10194058.html?tag=lst-0-1
Spybot - Search & Destroy

http://download.com.com/3000-2094-10045910.html?legacy=cnet
LavaSoft Ad-aware  

I use BOTH of the above programs on my 3 Windows systems; what one program misses, the other catches.  Also make sure to download the most up-to-date data before you run the programs.

Another very good freeware program for ridding yourself of spyware is this:

http://www.superantispyware.com/
SuperAntiSpyware

You might also try this free program (HijackThis) -- install it in its own folder, don't download to your Desktop:

http://www.spychecker.com/download/download_hijackthis.html

HijackThis is a tool that is for advanced users, because it lists all the installed browser add-on and startup items, allowing you to inspect them and then optionally remove any ones you select.  You must be careful in choosing what to remove, although the program can create a backup of your original settings.  But put a check mark to fix any home page or search page setting that HijackThis detects which you have not entered yourself.  The program has an option to download online updates of the hijack data.

You should first post the log at this site:  

http://www.hijackthis.de/index.php?langselect=english

and it will be automatically analyzed for you (after you click on the button labeled "Analyze" near the bottom of the page), telling you which entries (called "Nasty") should be fixed.  You will also be told if you have any items that are "Possibly Nasty", or "Unnecessary", or "Unknown". If you don't know what to do about these, you might find something on the module name by doing a Google search of the internet.

If you have any questions about what it is asking you to fix that you would like the E-E experts to comment on, then do this:  right above the Analyze button you will see this message: "The following analyses has been stored temporarily", and there will be a link where the analysis file will be saved (for a period of three days). Click on it and then copy the link of that page from the address bar of your browser and paste it here, and experts can check it for you.  (Please DON'T post the entire log itself in your question.)

In case you would like to learn more yourself how to use HijackThis, here are a couple of urls:

http://www.tomcoyote.org/hjt/
HijackThis Quick Start


http://www.spywareinfo.com/~merijn/htlogtutorial.html
HijackThis log tutorial


--------------


I hope this helps !
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
This will probably take a lot of time and energy to clean up, and the end result is unsure. In this case I'd backup the data, then reinstall the OS. Download the free Avast! anitvirus software, it is at least as good as symantec, if not better. Then update windows fully. Also look for a firewall software if the PC isn't behind a router that includes a firewall. After that reinstall all the software. Make sure that you browse using firefox which includes a good popup blocker and also doesn't use activeX like IE does. ActiveX can easily be used to do malicious things with your PC.

http://avast.com
http://www.mozilla.com/en-US/
0
 

Author Comment

by:NormaPosy
Comment Utility
Thank you.  I appreciate your help.

It sounds like I have an extensive job on my hands here.  Of course, she was given the machine without the original Windows 2000 CD.

We should decide if the machine is worth the effort.  If so, maybe I will just wipe the hard disk clean and then install my copy of XP.  I've never done this.  What is the easiest way to wipe the hard disk clean?

- - Norma Posy
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
If you install your copy of XP and that is used on your PC too, that would be breaching the copyright laws, and you would also have problems with activating the OS. It is better to either buy a new copy of XP, or install something like Ubuntu Linux which is free, better than XP, runs on most PC's, is easy to use, and it isn't as prone to attacks as M$ OS's are.

http://ubuntulinux.com
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
Now-a-days, indirectly, postal services have been replaced by email services. Yes, whenever we hear the word "email" a lot of people only think of gmail. Some people still think that email and gmail are one and the same thing :-). Let's see some …
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now