Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Limewire Keeps Restarting And Created Vbzip10.dll And A.zip File Which I Couldn't Delete


  • Please log in to reply
15 replies to this topic

#1 Andrew Lau

Andrew Lau

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 13 April 2008 - 02:04 AM

Hi my name is Andrew and yesterday my friend sent me this file where I have to extract it and install it. However during the setup it said it wouldn't work and afterwards my limewire keeps starting up when I close it. Also in my own folder 'Andrew Lau' where its the main folder for documents, music, videos etc, there appeared two files named 'vbzip10.dll' and 'a.zip'. I can delete 'a.zip' but later on it re-appears in the same place again. The 'vbzip10.dll' file is worst as I cannot delete it. So please I need some help, I'm using Windows Vista and it is a brand new computer.

BC AdBot (Login to Remove)

 


#2 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:09:03 PM

Posted 13 April 2008 - 08:24 AM

can you pleae be more speciific about

my friend sent me this file where I have to extract it and install it


what type of file is it , what does it 'do'and how was it sent to you?

one assumes you are aware that Limwire is a program used for P2P file sharing and carries inherant risks of infections with such practices?

can you please tell us what your antivirus program is and what other protection programs you have installed? if you have run any of them can you post the results of the scans for examination by the Experts ??

#3 Andrew Lau

Andrew Lau
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 14 April 2008 - 03:24 AM

Hi, my friend sent the file to me using Windows Live Messenger. It was a .zip file where I had to extract it. Then after extraction there was a setup.exe which I opened and then it says an error message and I guess from then on I got the virus. However yesterday I downloaded the free trial of 'AVG Anti-Virus with Anti-Spyware' in http://www.ewido.com/en/, scanned and remove all the threats and stuff. Afterwards I was able to delete the two 'vbzip10.dll' and 'a.zip' by myself by right-clicking it and press delete. Then both of those files were never re-created on my computer again but I'm not sure if the virus is still in my computer. So how can I check? BTW, I uninstalled the 'AVG Anti-Virus with Anti-Spyware'.

Thanks a lot!
Andrew

#4 Andrew Lau

Andrew Lau
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 14 April 2008 - 03:26 AM

Oh I forgot, I also have McAfee SecurityCenter.

#5 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:03 PM

Posted 14 April 2008 - 04:05 AM

Try to disable both of your AV programs when doing a scan or fix with another program, having 2 AV preograms running active protections at the same time is not reccomended.


AVG is good software but I like to get a second opinion or even a third when it comes to removing newer maleware

Never open an executable except from a reputable company or download site, a lot of malware searches for shared folders in P2P programs so it can copy itself to the share with lots of different names
  • Please download Malwarebytes' Anti-Malware and save it to a convenient location.
  • Double click on mbam-setup.exe to install it.
  • Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
    • Update Malwarebytes' Anti-Malware
      Launch Malwarebytes' Anti-Malware
  • Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
  • Select the Scanner tab. Click on Perform full scan, then click on Scan.
  • Leave the default options as it is and click on Start Scan.
  • When done, you will be prompted. Click OK, then click on Show Results.
  • Checked (ticked) all items and click on Remove Selected.
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

Edited by DaChew, 14 April 2008 - 04:08 AM.

Chewy

No. Try not. Do... or do not. There is no try.

#6 Andrew Lau

Andrew Lau
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 14 April 2008 - 05:05 AM

Malwarebytes' Anti-Malware 1.11
Database version: 623

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 142377
Time elapsed: 30 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Host Process (Worm.IRCBot) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#7 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:03 PM

Posted 14 April 2008 - 05:19 AM

I gave up on chat rooms and programs a long time ago,


Limewire has sent me a lot of business, that durn McAfee SecurityCenter slows a computer to a crawl but rarely lets an infection thru unless you tell it to.
Chewy

No. Try not. Do... or do not. There is no try.

#8 Andrew Lau

Andrew Lau
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 14 April 2008 - 05:51 AM

So what do you mean? Is my computer OK now? Can I re-install Limewire again?

#9 Kimmeh

Kimmeh

  • Banned
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 14 April 2008 - 07:00 AM

I wouldn't recommend installing Limewire again.

Is that where you for the files from?

#10 Andrew Lau

Andrew Lau
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 14 April 2008 - 07:12 AM

Yeh my friend got it from limewire. But I really need Limewire because it's so convenient to get songs. But the most important thing is, is my computer alright? Is it still affected with virus? Thanks

#11 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:03 PM

Posted 14 April 2008 - 08:57 AM

Wait a while, repeat some scans, watch it and see if you have any unusual behavior.

The Mcafee and avg logs might have given more clues

google searches lead me to a possible infection

http://www.sophos.com/security/analyses/vi...w32fontraf.html

according the the head developer for MBAM Vista is fairly immune to deep driver based infection and hence easier to clean

however noone can give you a guarrantee your machine is completely clean

I had a nasty infection that lead me here almost a year ago, I used all the do-it-yourself fixes and an AV and trojan scanner,
3 malware scanners before I felt it was clean

and then 6 months later I found a few remnants
Chewy

No. Try not. Do... or do not. There is no try.

#12 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:09:03 PM

Posted 14 April 2008 - 10:41 AM

you could try superantispyware http://www.superantispyware.com/
its free exe is

http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE

and asquared

http://www.emsisoft.com/en/software/free/

its free exe is http://download6.emsisoft.com/a2FreeSetup.exe

I suggest you download both, install them and fully update the definitions; reboot and run each separately OFF line from their desktop icons on a full deep scan; they will produce a report with it might be useful to see

as to Limewire? I will not have it anywhere near my computer or any P2P stuff ; a computer I recently dealt with infected from stuff using Limwire eventually had to have an expensive reinstall of Windows it was so badly infected


of interest, one hopes you are NOT downloading any copyright material ..........

as a comment on another forum says...do you have your windows cd and licence key available and are you up TO and do you have the time FOR a reinstall and reformat of your computer when it gets infected as that is a very real possibility

#13 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:03 PM

Posted 14 April 2008 - 10:52 AM

and to add to ruby's excellent advise, now I have been told that wma's or wmv's on P2P can be infected, that's pretty scary


whenever you are fairly certain you are clean it's best to flush your old restore points and make a new one
Chewy

No. Try not. Do... or do not. There is no try.

#14 Andrew Lau

Andrew Lau
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 15 April 2008 - 04:23 AM

Yeh I have all the re-install Windows Vista CDs and I've re-installed this computer once already before when I was infected by a Trojan virus. For now my computer seems to be working just fine with no unusual behaviour since Sunday. I guessed the AVG Anti-Spyware programme removed it? The 'vbzip10.dll' and 'a.zip' vanished and it never re-created itself ever again... Now I'll download those 2 programs and do a scan and will post the results on the next reply. Thanks a lot guys really appreciate it! :thumbsup:

Andrew

#15 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:03 PM

Posted 15 April 2008 - 05:08 AM

A word of warning, whether you heed it or not, don't always count on restores or cleansing going so easy, you can lose a lot of data, someone can install a backdoor trojan and log every keystroke and own your computer, empty your bank account, start sending spam, get your isp to cut you off, and while it's using the internet. keep you off.

And how about an infection that will start right back up after you use your restore disks?

One that would survive a formating
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users