Jump to content

Vista Internet Security 2010


lyricd

Recommended Posts

I've tried renaming it on download, and downloading the version with a random name found here:

http://mbam.malwarebytes.org/program/random-installer.php

I've tried downloading with a random name on another computer and moving it to the infected computer; that doesn't' work either. Other installer programs continue to work normally, but the virus is specifically stopping malwarebytes from installing.

Please help!

Link to post
Share on other sites

Hi,

Yes you did it correctly.

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

See if MBAM will install from there.

Where do you see evidence of "Vista Internet Security 2010"?

-screen317

In safe mode it is still there. It pops a window about an infected computer.

In regular boot up, it won't let Firefox or Explorer open, only Google Chrome is allowed to open. On second reboot, AIM auto opened Firefox and I can use it now.

Please advise.

Link to post
Share on other sites

  • Staff

Hi,

Open Firefox, then please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your Desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your Desktop.

    [*]Check esetAcceptTerms.png

    [*]Click the esetStart.png button.

    [*]Accept any security warnings from your browser.

    [*]Check esetScanArchives.png

    [*]Push the Start button.

    [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

    [*]When the scan completes, push esetListThreats.png

    [*]Push esetExport.png, and save the file to your Desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

    [*]Push the esetBack.png button.

    [*]Push esetFinish.png

-screen317

Link to post
Share on other sites

I downloaded the .exe to my downloads folder and opened it. Vista Internet Security 2010 immediately closed all of its warning windows (I was ignoring them, there were about 3-4 open warnings at all times.)

Unfortunately no programs will open now, firefox, google chrome, and explorer all pop a window asking me to "choose the program you want to use to open this file:"

Link to post
Share on other sites

I tried it again, this time using Firefox (already open) and downloading to my desktop. If I open it from the desktop it get the same window, asking me to choose a program to open it.

If I open it from my downloads summary window in firefox, I get a different error: "Application not found."

Can I solve all of this by using the restore function in Vista?

Link to post
Share on other sites

Hi,

Open Firefox, then please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your Desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your Desktop.

    [*]Check esetAcceptTerms.png

    [*]Click the esetStart.png button.

    [*]Accept any security warnings from your browser.

    [*]Check esetScanArchives.png

    [*]Push the Start button.

    [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

    [*]When the scan completes, push esetListThreats.png

    [*]Push esetExport.png, and save the file to your Desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

    [*]Push the esetBack.png button.

    [*]Push esetFinish.png

-screen317

C:\Users\Lyricd\AppData\Local\av.exe Win32/Adware.XPAntiSpyware.AA application cleaned by deleting - quarantined

C:\Users\Lyricd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1V4MX1J\msdostr[1].exe Win32/Adware.XPAntiSpyware.AA application cleaned by deleting - quarantined

C:\Users\Lyricd\AppData\Local\Xenocode\ApplianceCaches\HoldemManager.exe_v08404D5B\Native\STUBEXE\@PROGRAMFILES@\RVG Software\Holdem Manager\HMHud.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined

C:\Users\Lyricd\AppData\Local\Xenocode\ApplianceCaches\HoldemManager.exe_v08404D5B\Native\STUBEXE\@WINDIR@\Microsoft.NET\Framework\v2.0.50727\cvtres.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined

C:\Users\Lyricd\Downloads\zgsetup.exe a variant of Win32/Induc.A virus deleted - quarantined

Link to post
Share on other sites

  • Staff
I went back to the website that infected me (pirate bay) and was instantly re-infected and all my programs work again, including the " Vista Internet Security 2010.
Well at least now we've identified the source of the malware.

Please understand that visiting crack sites will get you infected. Crack sites are the largest source of malware on the Internet and it is not surprising that you are getting infected from there. In addition, downloading cracks for software is illegal and an offense..

Can I solve all of this by using the restore function in Vista?
Depends on which "restore function" you're referring to. Even if you format and reinstall, if you keep visiting crack sites, you will continue to get reinfected. I don't understand what you want me to do.. I cannot continue to keep cleaning your computer.

If you purchased the Pro version of MBAM, which offers realtime protection, then you will be much better protected than now, but (pardon the metaphor), if you open the door for a burglar, they'll always come and steal something...

Link to post
Share on other sites

Well at least now we've identified the source of the malware.

Please understand that visiting crack sites will get you infected. Crack sites are the largest source of malware on the Internet and it is not surprising that you are getting infected from there. In addition, downloading cracks for software is illegal and an offense..

Depends on which "restore function" you're referring to. Even if you format and reinstall, if you keep visiting crack sites, you will continue to get reinfected. I don't understand what you want me to do.. I cannot continue to keep cleaning your computer.

If you purchased the Pro version of MBAM, which offers realtime protection, then you will be much better protected than now, but (pardon the metaphor), if you open the door for a burglar, they'll always come and steal something...

I was not downloading cracks or illegal software!

PirateBay is a torrent site -- I use torrents to watch TV shows.

Link to post
Share on other sites

  • Staff

Hi,

My apologies for the delay.

If you remember when exactly the infection began, you can try a System Restore to a point before that date.

Give it a try and let me know. If no joy, please post a fresh DDS log, run the ESET online scan (post its log), then do the following:

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    av.exe


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Next, download this Registry Search by Bobbi Flekman, save it, and extract regsearch.exe to the Desktop. You will use it in a moment.

Doubleclick regsearch.exe to start it. In the top window, enter av.exe as the search string on the first line. Make sure all the option boxes are checked, and click "Ok". Notepad will be opened with text in it (the file will be saved to the Desktop as well as RegSearch.txt). Post this text in your next reply.

-screen317

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.