Need help with frequent popups in IE

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by msh93, Jan 30, 2008.

  1. msh93

    msh93 Private E-2

    Since Sunday I've been getting very frequent popups in IE and general system slowness. I followed all directions in the "Read Me" post, but I'm still seeing the problem. Whatever malware I have seemed to also be preventing me from directly clicking on the XP cleaning procedure and software download links in the "Read Me" post in this forum, but I could right-click and open in a new tab. I also got a buffer overrun error in explorer when trying to download the software fixes, but then successfully downloaded from another machine and copied them over to the infected system. I wasn't able to generate a log from AVG, but the other 2 are attached. These things are driving me crazy. Any help would be greatly appreciated.
     


  2. __RiP_ChAiN_

    __RiP_ChAiN_ Private First Class

    Hello msh93 :)

    You'll have to try and stick with me here, as I'm still getting used to the way of doing things here :)

    A. 1. Please open Notepad
    • Click Start, then Run
    • Type notepad.exe in the Run box.
    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


    3. Save the above as CFScript.txt

    4. Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [IMG]


    6. After reboot (in case it asks to reboot), please re-enable all the programs that were disabled during the running of ComboFix.

    CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


    7. Now run the C:\MGtools\GetLogs.bat file by double clicking on it.

    Then attach the below logs:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
     
    Last edited by a moderator: Jan 31, 2008
  3. msh93

    msh93 Private E-2

    I just realized that my computer has Dell PC Restore, which will let me restore a factory-fresh copy of the OS from a hidden drive partition. I think this might be easier for me, so I might try that instead, unless you think that could also be infected. Thanks so much for trying to help me. You guys are doing a great service here.
     
  4. __RiP_ChAiN_

    __RiP_ChAiN_ Private First Class

    Hello msh93 :)

    You realize chances are that would also erase all of your data, as well? It would probably work though, but we could probably remove this manually too. Let me know what you decide :)
     
  5. msh93

    msh93 Private E-2

    I'm going to try PC Restore. I'll definitely back up my data first, and I shouldn't have much additional software to re-install after. So it should be pretty quick. Thanks again.
     
  6. __RiP_ChAiN_

    __RiP_ChAiN_ Private First Class

    Good luck, let me know how it turns out :)
     
