I forgot to add that I tried to install Vundofix but it is not installing for some reason. At the very end of the process it just stops, tells me there is an error and uninstall the components it installed.
Seakros 0 Newbie Poster
I logged into my account today and was presented by 6 "threats" found by AVG. However, when trying to remove them as a power user, it said that the files did not exist. Also if I recall, the pathway to the file was somewhere in the system restore. I accused my brother for having downloaded something harmful (since often times he does...), and now once again I'm stuck here cleaning my computer.
The problem, however, is that this virus is very sneaky. My brother confesses that he thinks its been on the desktop for a while. Although he is younger, he knows more about programming than me and explained that it might be a "polymorphic" virus (which apparently changes itself everytime it is scanned). I'm therefore thinking of turning off system restore to scan and delete it, but there's a catch 22, if i do turn it off to run a scan wothout, I will loose any possibility to restore my cpu to an earlier state (if it fails).
I'm currently doing Pandasoftware scan and I will post up a hijackthis report after it finishes and I do a bit of cookie cleaning. Panda has already found 9 threats at 11%...
If anybody has any suggestions in the meantime I would be very greatful.
Seakros 0 Newbie Poster
No.... I wasnt downloading anything for any "other" platforms.
Yea, but im pretty sure its somthing i downloaded.
Seakros 0 Newbie Poster
Personaly, i have got really no clue on how to repair it
and Im pretty sure its updated to the latest version.
Seakros 0 Newbie Poster
Well, for the past 2 weeks or so, i have been having a random problem with my internet explorer. At random, a little window pops up that sais:
MICROSOFT VISUAL C++ DEBUG LIBRARY
Debug assertion failed!
Program: C:\Program Files\GameSpot\GameSpotDownloadManager_Win32.exe
File: c:\program files\microsoft visual studio 8\vc\include\list
Line: 776
Expression:list erase iterator outside range "this line is not always the same"
For information on how your program can cause an assertion
failure, see the Visual C++ documentation on asserts.
(Press Retry to debug the application)
sadly retry dont work...
Its really annowying, because it just causes all the internet windows to close.
I sometimes just leave it there and continue what im doing (as long as i dont choose any options, it dosent close any windows)
This is basicaly my last resort bfore reinstalling Internet Explorer.
Any help would be gladly appreciated
BTW, im sorry if this is in the wrong forum... I didnt know if i should post this here or in the Virus section....
Seakros 0 Newbie Poster
Well i dont really know what happened to those prgms...
They are my brothers... but i think they are ok.. I restored them from AVG AS.
Anyway, THANKS A LOT FOR ALL YOUR HELP. I am extremely greatful!
Seakros 0 Newbie Poster
You have to be patient... The people who help around here also have lives and other things to take care of.
Seakros 0 Newbie Poster
BTW thx for that tip for Mozilla Cookies... I was wondering why I still had cookies even after I thaught I had cleaned them all.
Seakros 0 Newbie Poster
Logfile of HijackThis v1.99.1
Scan saved at 1:07:12 PM, on 14/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ocean.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
Seakros 0 Newbie Poster
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 4:58:50 PM 13/06/2007
+ Scan result:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned with backup (quarantined).
HKU\S-1-5-21-3013760395-2280178743-1550305239-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\McAfee.com\Agent\Update\ResultLog\\Log#095 -> Adware.RogueSuspect : Cleaned with backup (quarantined).
C:\Documents and Settings\Osk\Local Settings\Temp\win1A.tmp.exe -> Downloader.PurityScan.eg : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Desktop\Vik\vik\Other\applications\installdrivecleanerstart.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\wyjgsa.exe -> Downloader.Tiny.ha : Cleaned with backup (quarantined).
C:\PacSteam\CSN\Main\GUI\CSN-Settings.exe -> Logger.BuffaMov.c : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Desktop\Msn tools\icecoldreloaded.zip/IceCold ReLoaded.exe -> Not-A-Virus.HackTool.Win32.Homac : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Desktop\Vik\vik\tools\hydra\hydra.exe -> Not-A-Virus.HackTool.Win32.Hydra.d : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Desktop\Vik\vik\Other\brutus-aet2.zip/BrutusA2.exe -> Not-A-Virus.PSWTool.Win32.Brutus : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Local Settings\Temp\Temporary Directory 1 for brutus-aet2.zip\BrutusA2.exe -> Not-A-Virus.PSWTool.Win32.Brutus : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Local Settings\Temp\Temporary Directory 2 for brutus-aet2.zip\BrutusA2.exe -> Not-A-Virus.PSWTool.Win32.Brutus : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Local Settings\Temp\Temporary Directory 3 for brutus-aet2.zip\BrutusA2.exe -> Not-A-Virus.PSWTool.Win32.Brutus : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Local Settings\Temp\Temporary Directory 4 for brutus-aet2.zip\BrutusA2.exe -> Not-A-Virus.PSWTool.Win32.Brutus : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Local Settings\Temp\Temporary Directory 5 for brutus-aet2.zip\BrutusA2.exe -> Not-A-Virus.PSWTool.Win32.Brutus : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Documents\viktor shared\vic\Various\downloads\set it ups\pspv.zip/pspv.exe -> Not-A-Virus.PSWTool.Win32.PassView.162 : Cleaned with backup (quarantined).
C:\Documents and Settings\Vik_2\Desktop\Vik\vik\tools\hydra\pw-inspector.exe -> Not-A-Virus.PSWTool.Win32.PWInspector.b : Cleaned with backup (quarantined).
:mozilla.227:C:\Documents and Settings\Vik_2\Application Data\Mozilla\Firefox\Profiles\trd7kecv.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.228:C:\Documents and Settings\Vik_2\Application …
Seakros 0 Newbie Poster
I used Hijackthis and fix checked the 3 Mcaffe services... but their still their..... and what do u mean by Run sc delete McDetect.exe McTskshd.exe mcupdmgr.exe.
I also didnt find Yazzle or anything with Oin in it in Add/Remove prgms...
BTW thanks a lot for helping me.
Seakros 0 Newbie Poster
I've been cleaning my computer all day (started off with an buffer overrun problem) and have fixed some of it (Used VundoFix which got (I think) rid of that). But I'm not sure if I got everything...
I used ActiveScan from Pandasoftware, got my results and then I used ATF Cleaner to clean everything....
I Used Hijackthis so here are my stuff:
Log from Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 6:18:07 AM, on 11/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ocean.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2A185D27-0FCB-40EB-9D0C-C86216D69F6C} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58EB7FC1-BDB7-4625-BC8D-9F19289836A2} - (no file)
O2 - BHO: …