Annoying popup

Discussion in 'Malware Help (A Specialist Will Reply)' started by car1701, Feb 29, 2008.

  1. car1701

    car1701 Private E-2

    I don't remember downloading or seeing anything unusual. I'm not the only user on this computer. It just keeps flashing full screen popups turns my screen white and is hard to close out. Keeps popping up (Windows has detected a virus infection! Please use Macrovirus to remove the infection). Sorry I can't be more detailed don't know what I got ahold of.
     

    Attached Files:

    car1701, Feb 29, 2008
    #1
  2. car1701

    car1701 Private E-2

    More logs
     
    Last edited: Feb 29, 2008
    car1701, Feb 29, 2008
    #2
  3. car1701

    car1701 Private E-2

    :cry
     
    car1701, Feb 29, 2008
    #3
  4. car1701

    car1701 Private E-2

    UMMM...Sorry I've been trying to upload other logs it keeps saying error
     
    car1701, Feb 29, 2008
    #4
  5. car1701

    car1701 Private E-2

    :D There they are I dunno...
     

    Attached Files:

    car1701, Feb 29, 2008
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First you MUST put your PC into Normal Startup mode with MSconfig. This was requested in step 1 of the READ ME. You need to do this now and leave it this way. You need to read the below link so that you stop doing using MSconfig this way:

    Dealing with Startup Processes

    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Now we need to use ComboFix to remove a bunch of malware files.
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Open Notepad and copy/paste the text in the below quote box into it (make sure you scroll all the way down in the code box to get all lines selected ):
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    Now run Ccleaner!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it.

    Then attach the below logs:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    chaslang, Mar 1, 2008
    #6
  7. car1701

    car1701 Private E-2

    Just a question when I put pc into normal startup mode with misconfig should all the startups be enabled? I did have them enabled 2nd time around.


    Should I have rebooted after I did all this?

    Also when will my clock return to normal?

    Just wondering I already did everything to a T I hope I didn't miss anything really want this crap off as I'm posting this it keeps popping up but not as bad.


    Here is my logs


    Thank you very much for your help!!!!
     

    Attached Files:

    car1701, Mar 1, 2008
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is what Normal Startup mode is. If anything is disabled, you would be in selective startup mode.


    This means ComboFix did not run properly. If necessary we can fix it manually later.

    You need to attach the log from running ComboFix. This is C:\ComboFix.txt. You attached CFscript.txt which I don't need.


    You also did not tell me how things are working.
     
    chaslang, Mar 2, 2008
    #8
  9. car1701

    car1701 Private E-2

    Actually I rebooted for some reason, frustrated I guess with my beeping computer and I got this error code NTLDR is missing press ctrl+Alt+Del to restart. (What does that mean NTLDR?)

    I left it off for 4-6 hours rebooted same thing, so I was really p.o'd by then so I did a system recovery. It was either that or my tower was going out the front door:D I thought it would put me back to like it was brand new but much to my surprise it had alot of my old stuff still documents, pictures,
    I'm relieved because I had a lot of stuff on there really that I thought I was going to loose. So with doing a system recovery do you think it wiped out the popup crap off there? Or is it still lurking somewhere? I'll do scans and everything haven't had time yet today had to work today. Just wanted to check here to see what was posted. It hasn't popped up at all though. Thank you for all your help:dood
     
    car1701, Mar 2, 2008
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you do a system restore or did you use your Recovery CD or Partition to return your PC to the state it was when you first took it out of the box?

    You may still have components of malware on the PC. They may be inactive due to what you did but they could still be there.
     
    chaslang, Mar 4, 2008
    #10

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds