Malware problems leading to Buffer Overrun Error?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by whoamonga, Apr 20, 2007.

  1. whoamonga

    whoamonga Private E-2

    Hi, two days ago, I started getting redirected Google search results... that's when I found this site. I started by running CWShredder, then found your readme first forum with instructions on removing malware before I download hijack.

    I took all steps in the readme first forum in order, but ran into hiccups.

    The post eventually told me to run Spyware Blaster, however the scan would never finish, it just gave me an error message saying "something bad happened."

    So I went on with the other steps normally, 'til I ran Bitdefender online. It also gave me an error message and closed, but this one said:
    Buffer overrun detected!
    C:\Program Files\Internet Explorer\IEXPLORER.EXE ...

    So I am now under the impression that this is not only just a malware problem, am I right?

    There is also a folder called Content.IE5 in my temporary internet folder that if I get anywhere near or try to delete, it says Windows has encountered an error and has to close... This also happens in safe mode.



    So my question is this, what do I do next? I will continue with the instructions on the intro readme post, but what else could I do to eliminate this problem? Thank you very much for your time in assisting.
     
  2. whoamonga

    whoamonga Private E-2

    Here are my runkeys and newfiles logs, they were the only ones I was able to obtain...
     

    Attached Files:

  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The READ ME first does not tell you to run Spyware Blaster. And in addition Spyware Blaster is not a scanner! What are you referring to?

    Did you run CounterSpy or AVG Antispyware if you could not run CounterSpy?
    Did you run Spybot Search and Destroy?

    Did you uninstall all old Sun Java versions and install the current version as requested in step 6 before running BitDefender?

    Did you run Panda ActiveScan?
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you run HijackThis as per the directions in step 7?
     
  5. whoamonga

    whoamonga Private E-2

    First off I want to apologize for not being more clear on what is going on and what I have already done. I'm pretty green on the spyware end.

    I did uninstall previous Java versions, and install 6.

    I did run all the virus/spyware scanners that were recommended by the readme post. There was one that didn't complete, however, and I just thought it had been Spyware Blaster...It was obviously a different one though. I'm getting confused with their names.

    I finished the ReadMe instructions, completing Panda and HiJack, and will post my logs. It really surprised me that Panda found so many infections that none of the other software programs picked up. Am I getting new infections or did the other programs overlook them?

    Again, I apologize for earlier, and will do whatever's needed to be more clear in any effort to help get this issue resolved. And I greatly appreciate your time.

    Thanks again!
     

    Attached Files:

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    What about the requested log from CounterSpy?

    Panda did not find anything but cookies and if you had followed the instructions in step 1 of the READ ME to run CCleaner on all user accounts, they would have already been removed or at least there would have been a lot fewer. At any rate cookies are not problems!

    Note that from what I see thus far, you probably are not having malware problems!
     
  7. whoamonga

    whoamonga Private E-2

    Counterspy might've been the program that never finished scanning because it would encounter an error and close. I could never get a report from it. I am trying to run again, and if it finishes, I will post the report next.

    If this is not a malware problem, any idea of what it might be?

    Again, time, patience, and thought on the matter is very appreciated.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    A possible software or hardware issue. Capture the full word for word error message when it occurs and post it in the Software Forum. Also describe exactly what you were doing and what was running when it occurs.


    We can try one more scan which looks for rootkits, just to be on the safe side but I'm not expecting it to find anything.

    Now please download F-Secure's BlacklightBeta
    • Download fsbl.exe and save it to the Desktop.
    • Once saved... double click fsbl.exe to install the program.
    • Click accept agreement and Click scan
    • This application may trigger a warning from your antivirus. Let the driver load. Wait for it to finish.
    • If it displays any items...don't do anything with them yet. Just hit exit (close)
    • It will drop a log on Desktop that starts with fsbl....big number
    Please attach the BlackLight log.

     
  9. whoamonga

    whoamonga Private E-2

    Okay, I ran all the spyware programs again. Counterspy didn't find any error.

    Ad-Aware SE is the program where I'll run it, and when it gets to my IE temporary file, it freezes. The same file that I cannot navigate to in Windows because it will close down. Ad-Aware has been stuck scanning that same file for two days now.

    I downloaded and ran the Blacklight program, it found one error, and I will attach the log.

    So after this dead end, I will post in the software forum, unless there are any other thoughts on this being malware?

    Thanks again!
     

    Attached Files:

  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Run BlackLight again and this time have it fix the c:\WINDOWS\system32\kdgpt.exe file. This may be part of a WareOut infection, however your system does not show the signs of a typical WareOut infection.

    Run CCleaner before using Ad-Aware. That way your IE Temp files should already be removed.
     
