Solved

Internet Explorer several popup's with red X error message "Cannot find http:// gibbrish for a URl.

Posted on 2010-08-24
5
623 Views
Last Modified: 2012-06-21
If anyone knows how to fix this please let me know. I'm trying to stay away from having to re-image this machine. I've ran SuperAntiSpyware, MalwareBytes, Uninstalled/Reinstalled IE7 no luck.

Help!
0
Comment
Question by:sjmitdude
5 Comments
 
LVL 5

Expert Comment

by:kpoochi
ID: 33517048
Do not include any space between the // and the name.... Turn off popup blocker
0
 
LVL 2

Expert Comment

by:tonygze
ID: 33517773
Some spyware is nearly impossible to get rid of once its installed due to its customised nature.

Normally I would use adaware and pest patrol and scan the machine with an antiviral product eg avast (free).

Then I would turn off any IE addons that you dont recognise or dont need.

Then install a newer version of IE than IE 7

If the problem persists, rebuild the machine.
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
ID: 33518532
Have you scanned with other tools? Try these tools and show us the logs.

TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix


This one is a diagnostic tool which is also very handy especially to detect if IE is patched.
Download OTL to your Desktop
http://oldtimer.geekstogo.com/OTL.exe
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Under the Custom Scan box paste this in

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

• Click the Quick Scan button. Do not change any settings unless otherwise ask to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
0
 

Author Closing Comment

by:sjmitdude
ID: 33522974
Hi, I tried this late yesterday after I submitted this and Kaspersky TDSS Killer was able to locate a TDSS rootkit on this machine once this was removed the popup's stoped..

Thanks for getting back to me!
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 33722007
Sorry I was gone for weeks.... I was ill.
Glad to know it's now resolved.

Thanks!
 
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Koobface virus 44 81
Cryptolocker 4 66
Offline Trend  Client 4 77
Is My Computer Infected with a Web Browser Pop-up Alert Scam? 11 124
Malware seems to be getting smarter and smarter. If you are having trouble being able to launch your malware removal tools such as (and recommended): MalwareBytes, HiJackThis, ComboFix, etc. you can try some of the workarounds listed below. 1. Ma…
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now