McAfee Buffer Overflow - please help

M

msen

I went to a website recently and since then I am getting random pop up windows.
I also got the following message:

"To maintain system stability windows must restore original version of these
files.

Insert your window xp professional cd2 now"

Once I inserted the CD2, the message disappeared but the windows are still
appearing on internet along with the following warning:

McAfee has automatically blocked a buffer overflow.
Details
Detection:
File: C:\WINDOWS\Explorer.EXE
More Info
Buffer overflows occur when suspect programs or processes try to store more
data in a buffer (temporary data storage area) on your computer than its
limit, corrupting or overwriting valid data in adjacent buffers.

I have Dell Dimension E510 with Windows XP and IE 7
 
M

Malke

msen wrote:
> I went to a website recently and since then I am getting random pop up windows.
> I also got the following message:
>
> "To maintain system stability windows must restore original version of these
> files.
>
> Insert your window xp professional cd2 now"
>
> Once I inserted the CD2, the message disappeared but the windows are still
> appearing on internet along with the following warning:
>
> McAfee has automatically blocked a buffer overflow.
> Details
> Detection:
> File: C:\WINDOWS\Explorer.EXE
> More Info
> Buffer overflows occur when suspect programs or processes try to store more
> data in a buffer (temporary data storage area) on your computer than its
> limit, corrupting or overwriting valid data in adjacent buffers.
>
> I have Dell Dimension E510 with Windows XP and IE 7

Your computer is infected and you need to clean it up. Go through these
general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to
do all scans in Safe Mode.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
- download site

The site is in German but David's tool is in English so don't let that
worry you. Scroll all the way down to almost the bottom of the page and
you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
You'll see "Download von www pctipp.ch" and the live link to download
Multi_AV.

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
 
V

Volodymyr Shcherbyna

I hope this case is not connected with this :)

http://msmvps.com/blogs/v_scherbina/archive/2007/12/27/explorer-exe-is-in-danger.aspx

--
Volodymyr
NG tips:
http://msmvps.com/blogs/v_scherbina/pages/microsoft-newsgroups-tips.aspx
"Malke" <notreally@invalid.invalid> wrote in message
news:usli8Y8SIHA.5980@TK2MSFTNGP04.phx.gbl...
> msen wrote:
>> I went to a website recently and since then I am getting random pop up
>> windows.
>> I also got the following message:
>>
>> "To maintain system stability windows must restore original version of
>> these files.
>>
>> Insert your window xp professional cd2 now"
>>
>> Once I inserted the CD2, the message disappeared but the windows are
>> still appearing on internet along with the following warning:
>>
>> McAfee has automatically blocked a buffer overflow.
>> Details
>> Detection:
>> File: C:\WINDOWS\Explorer.EXE
>> More Info
>> Buffer overflows occur when suspect programs or processes try to store
>> more data in a buffer (temporary data storage area) on your computer than
>> its limit, corrupting or overwriting valid data in adjacent buffers.
>>
>> I have Dell Dimension E510 with Windows XP and IE 7
>
> Your computer is infected and you need to clean it up. Go through these
> general malware removal steps systematically -
> http://www.elephantboycomputers.com/page2.html#Removing_Malware
>
> Include scanning with David Lipman's Multi_AV and follow instructions to
> do all scans in Safe Mode.
>
> http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
> http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html -
> download site
>
> The site is in German but David's tool is in English so don't let that
> worry you. Scroll all the way down to almost the bottom of the page and
> you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
> You'll see "Download von www pctipp.ch" and the live link to download
> Multi_AV.
>
> You can also check to see if there are targeted removal steps for your
> malware here:
> Bleeping Computer removal how-to's -
> http://www.bleepingcomputer.com/forums/forum55.html
>
> When all else fails, run HijackThis and post your log in one of the
> specialty forums listed at the first link above (not here, please).
>
> Standard caveat: If the procedures look too complex - and there is no
> shame in admitting this isn't your cup of tea - take the machine to a
> professional computer repair shop (not your local version of
> BigComputerStore/GeekSquad). Please be aware that not all local shops are
> skilled at removing malware and even if they are, your computer may be so
> infested that Windows will need to be clean-installed. Have all your data
> backed up before you take the machine into a shop.
>
>
> Malke
> --
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
> MS-MVP Windows - Shell/User
 
You must log in or register to reply here.

Similar threads

B
  • Article
Releasing Windows 11 Build 22621.1926 to the Release Preview Channel
Replies
0
Views
157
Brandon LeBlanc
B
B
  • Article
Announcing Windows 11 Insider Preview Build 23466
Replies
0
Views
217
Brandon LeBlanc
B
K
Slow PC, high DPC Latency, and BSOD
Replies
0
Views
266
KRzYamaneko
K
D
Announcing Windows 10 Insider Preview Build 17704
Replies
0
Views
901
Dona Sarkar and Brandon LeBlanc
D
I
Enhanced Memory Protections in IE10
Replies
0
Views
411
ieblog
I
Back
Top Bottom