Incessant IE Pop-Ups and Buffer Overrun

By poolio10 ยท 5 replies
May 21, 2007
  1. Hi,

    I'm having a really annoying problem with XP Media Edition. I use firefox, but recently internet explorer has begun to pop-up incessantly (onto various pages), and whenever it does a window pops up saying "Buffer Overrun Detected!" in c:\windows\Explorer.exe

    I've run adaware, spybot and norton antivirus and the problem still persists. I uploaded a hijackthis log Here

  2. Phantasm66

    Phantasm66 TS Rookie Posts: 5,734   +8

    Sounds like something pretty nasty has taken root. You could spend time and effort finding out exactly what it is, what its doing, etc, and you might even be able to remove it. Problem is, now that you know your machine has been compromised, you just can't trust it any more. If malware has taken over your machine, it may have indeed downloaded MORE malware and installed that too. Whether you can detect or remove THAT is another story.

    In fact, there's every chance that your machine is part of a botnet now. Silently, unknown to you, its connecting itself to an IRC channel, and asking for its Master's bidding. Which might be to send spam, or do DDOS attacks.

    In any case, I'd format and reinstall if I were you. You'll maybe get other advice on this forum about trying to find the problem, eliminate it, etc, and good for you if you want to give that a go. I personally would not want to give it a go if it was my machine. I would want to format and reinstall. Which is what I suggest you do.
  3. poolio10

    poolio10 TS Rookie Topic Starter

    Hey, thanks for responding quickly. A problem is that this computer is a couple years old and I don't think I have the XP installation disk with me. Is there anyway to get around that?
  4. Phantasm66

    Phantasm66 TS Rookie Posts: 5,734   +8

    Not easily. You need the CD to reinstall.

    You can try cleaning the system, but if it was me, as I said, I would not trust that, and would reinstall. You've definately been taken hold of by something.

    Follow these links here if you want to try and clean your machine :

    If you still can't fix the problem, post back, but as a backup plan I would be trying to hunt down that CD if I were you.
  5. Phantasm66

    Phantasm66 TS Rookie Posts: 5,734   +8

    Oh, and in the meantime I guess it goes without saying that you should not be doing any kind of online banking, private stuff, typing in passwords, etc, on that machine because it might now have a keylogger installed. These loggers are programmed to look for credit card numbers, so don't be putting one of those in in a hurry. Infact, avoid using any personal information of any kind on that machine now until its reinstalled.
  6. Phantasm66

    Phantasm66 TS Rookie Posts: 5,734   +8

    That's the malware using things like Active X and some vulnerabilities to open IE even when you are not using it. The malware might also be using buffer overrun exploits to inject code onto the stack - which is why you are getting the "Buffer Overrun Detected!" messages.

    How often do you visit or do you have updates automatically set to download and install? Are you running service pack 2?
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...