Pop-up Virus that nothing can fix

Discussion in 'Malware Help (A Specialist Will Reply)' started by z4g, Dec 29, 2006.

  1. z4g

    z4g Private E-2

    I've got this popup virus that I think originated from a fake torrent, it gives ads for casinos, tmobile, loans etc. The popups only appear when I run the application "Steam", a games application developed by Valve (very official). I've tried everything in the read me first post I think and I still get popups. I was given the advice to look for IEXPLORE.exe in task manager and terminate it. I found 2 x IEXPLORE.exe running here, one taking a lot of memory (66mb):confused: , when I terminate them they just appear again. I use Firefox instead of IE so it seems strange that it should be running. I have finally done a HJT but since I didnt really want to destroy things I didnt recognise I thought I better post it here. This is really starting to do my head in. If no one can suggest anything this time then I probabally will resort to a system reinstall.
     

    Attached Files:

    z4g, Dec 29, 2006
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi,

    Best option is to fully follow the below as HijackThis on its own will not help elliminate or find all malware, once the below is completed attach all the requested logs even if the scans show no infection, and if their are soem still persistant malwares the experts here will post some further instructions to remove.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.




    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    DavidGP, Dec 29, 2006
    #2
  3. z4g

    z4g Private E-2

    ok, I tried doing everything you told me and now I have bigger problems, after installing counterspy I have sunthreatengine.exe eating more memory than anything else and slowing my computer a lot (I have 512 DDR). I now also have 3 entries of IEXPLORE.EXE in my taskmanager all eating hideous amounts of memory. Since installing counterspy my computer has also randomly started restarting itself. It looks like I have no choice but to reformat my hard drive now as following the readme steps have slowed my computer back to the stoneage.
     
    z4g, Jan 1, 2007
    #3
  4. z4g

    z4g Private E-2

    Iexplore.exe < Big Problem!

    Hi, I have the process IEXPLORE.EXE running dual entries in the taskmanager, I know from googleing that this is a nasty virus that I can find no solution for. I think this is quite a big problem so if any one knows how to fix it then please tell me. Please do not post a generic README FIRST as the last time I tried that my PC became more slower and problematic than ever. If anyone would like logs (e.g HJT) then please tell me the app you require the logs from and I will get them. I have tried everything with this virus and all the other forums come up with is: "reformat your hard drive, works for me", not really a "solution".
    Gaz
     
    z4g, Jan 1, 2007
    #4
  5. z4g

    z4g Private E-2

    Fixed it myself, don't trouble yourselves with it
     
    z4g, Jan 2, 2007
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Iexplore.exe < Big Problem!

    IEXPLORE.EXE is not an infection. That is Internet Explorer which is your browser. The reason it is running and eating up memory is due to the multiple LOP infections that you had.

    Had you completed the instructions Halo had given to you and attached all the logs we requested, we would have removed this infection along with any others that were hiding in the background. HJT logs are not sufficient to find all the problems. Also your problems with CounterSpy slowing things down were mostly due to your infections. Yes CounterSpy will affect performance just like any other tool. But this is temporary while we use it to clean your PC and then it would be removed.
     
    chaslang, Jan 3, 2007
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds