Problem with a virus, buffer overrun

Status
Not open for further replies.
I couldn't change the name of IcVzMonLauncher.exe from .exe to .old, it freezes the computer.

I cannot access services.msc either, the system asks permission and then it stays dark, like before accessing anything where Vista asks for permission. It freezes there. CTRL-ALT-DEL gets me back from there though.

Also cannot access indexing advanced options, does the same thing as above.

Whoops, you're right, it was ISBMgr.exe not ISMBgr.exe.
 
Just back. And wow. You guys have a lot of changes going on. I’m writing/posting this quickly as it might warrant attention sooner than later to decide if they’re correct (or maybe I’m wrong but want to post some observations).
  1. Look at running processes. I don’t believe you have any spyware protection now. You removed AVG anti-spyware and also disabled Windows Defender sometime earlier in this thread. You removed Antivir Suite of protection and replaced it with just anti-virus. I don’t see any anti-spyware process so u might be picking things up now. (btw.. check to see if the AVG anti-spyware executable is actually there. I think HJT is giving the run command but the file is actually already gone)
  2. If you look at your running processes now (compared to when this thread started) I think some things are missing that were indicated as needed (like intel graphics stuff igfxsrvc.exe and igfxpers.exe). So I don’t know if you really don’t need them or if them being missing contributes to your problems.
  3. I wasn't certain but it sounded like you went through your registry earlier removing everything you could under HKLM\…\Run (down to trying to remove the (Default) entry)! Maybe it's me being overly cautious, but I'd double check what’s in MSCONFIG vs your registry before setting MSCONFIG back to Normal mode.
  4. There’s a new Java release out. You disabled jusched, the Java auto-updater. So go to control panel and do a Java update now to get it manually.
  5. IcVzMonLauncher.exe is a legit file (and a currently running service!) in the legit place (tho no data to validate the executable itself). It’s a Sony service to convert your movies to a format that's readable by your Sony PSP. It should be located in \%Program Files%\Sony\IMAGE CONVERTER 3\ (where it is)
  6. I think you ran the Autoruns log before waiting for the Ready status in the lower left corner? Just guessing as nothing shows it’s Verified. If you want to run it again I can review.
  7. While you're at it, can you double check and verify your Windows firewall is actually running? I don't see any other firewall.
  8. I think you should try starting your system in safe mode and try running sfc again (and chkdsk while you’re at it).
 
Now I know what happens with everything I cannot access, TweakUAC does the same. What happens is that I cannot do anything that Vista asks permission for, every time it freezes, so I cannot (I think) be logged in as admin anymore. UAC does not permit me to do anything it asks, I cannot install AVG antispyware or run msconfig anymore.

I ran Autoruns, waiting for the "ready" statement. Windows firewall is running. Sfc and chkdsk do not work in safe mode either.

I cannot stop Windows Defender either or anything like that to stop it asking me permission for everything.

I am really thinking of nuking this thing now. Let's see if it is possible with Gparted.

Thank you guys a lot, I really mean it. I'll report what happened with Gparted. :)
 