Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win Antivirus 2008 Infection, Popups


  • Please log in to reply
1 reply to this topic

#1 qtaqq

qtaqq

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:04:34 PM

Posted 29 July 2008 - 03:51 AM

I don't know if this will set some record for fastest infection but we just bought a laptop on Sunday, my mom managed to get Win AntiVirus 2008 on the computer. So in about 29 hours we got an infection. The computer is running Vista so i'm not very familar with the OS yet. I had also installed all current Windows updates current as of 7pm that day. It has McAfee security center installed. After the infection I turned up the firewall from trusted to tight. Also we started to use wireless internet for this laptop. We set up the router yesterday but weren't sure how to put a password to access the connection. After asking a neighbor about how to do it on Monday when we went to access the router via our admin name and password we couldn't get into it. So i'm not sure if anyone got into out network and messed things up. I reset the router and then placed a access password on the network.

As for Win AntiVirus everytime we open an internet page it pops up, it is always running in the bottom right, and at computer startup it runs a scan and returns results saying we have infections and to pay to install WinAntiVirus 2008. It also pops up another warning saying we have a keylogger installed (i'm pretty sure this is another fake popup as are the results it returns in the scan.)

I ran kapersky online scan and it found 2 threats and 4 infected files. I saved (or tried to) the scan log to desktop and the computer's document folder as a text document and html. I'm not sure if this is because of the WinAntiVirus 2008 program, another bad program installed, or my inexperience with windows Vista. I checked and show all system files and hidden files is selected. I am running as administrator and have read write access. I also am not able to find the scan logs I created using the search option in Vista.

I installed and ran dss. The program runs through the backing up registry hives step. As soon as it gets to removing temporary internet files dss.exe crashes. I downloaded dss again to make sure it was a good copy. It still crashes in the same place. I don't know if it's because of Vista or something in the temporary internet files that keeps crashing it. So as of right now I have no scan logs to post as per the preperation guide before posting a hijackthis log section.

BC AdBot (Login to Remove)

 


#2 qtaqq

qtaqq
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:04:34 PM

Posted 29 July 2008 - 06:15 AM

I tried to make a notepad file and save it as a text file. I was able to do so on the desktop and documents section. I was able to view the file and find it in the Vista search. I tried to run Kapersky scan again and save a scan log. When I save it as a html file or txt file the window shows the files I tried to save yesterday but i'm still not able to access or even find them in the documents folder or desktop, and search returns nothing when I search for the filename I saved them under. McAfee notices the WinAntiVirus 2008 when I run the kapersky scan. I think it listed the program name as WinDefender. I also tried to run dss.exe but the program still crashes when it gets to deleting temporary internet files.

Edited by Orange Blossom, 29 July 2008 - 06:02 PM.
Move to more appropriate forum. ~ OB





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users