Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista Internet Security - Unregistered Version


  • This topic is locked This topic is locked
4 replies to this topic

#1 Jca56

Jca56

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 28 March 2010 - 10:50 PM

Hello, today my mom's computer got a virus called Vista Internet Security - Unregistered Version.

I went to the section to uninstall it, downloaded the things I needed and started the scan.

I have had a problem like this before and used this program before too.

When the scan finished I removed the viruses and it told me to do a restart to delete the rest.

After the restart finished the whole screen was black and all there was on the screen was the virus.

I clicked to remind me later to buy the fake program then everything came back but the virus is still there can someone help?

EDIT: Moved from Vista ~BP

Edited by Budapest, 29 March 2010 - 12:15 AM.


BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:55 PM

Posted 29 March 2010 - 05:59 AM

Hi Jca56,

Welcome to Virus/Trojan/Spyware/Malware Removal (VTSMR) forum. I am going to assist you with your problem.

Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. Please let me know in your next reply if you agree with this.
  1. Please tell me what program have you used.

  2. Please download OTL by OldTimer.
    • Save it to your desktop.
    • Double click on the OTL icon on your desktop.
    • Check the "Scan All Users" checkbox.
    • Check the "Standard Output".
    • Click Run Scan button.
    • Two reports will open, copy and paste them to your reply:
      • OTL.txt <-- Will be opened
      • Extra.txt <-- Will be minimized

  3. Download the GMER Rootkit Scanner exe file from here and save it to your desktop.
    • Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.
    • Click on this link to see a list of programs that should be disabled.
    • Disconnect from the Internet and close all running programs.
    • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
    • In the right panel, you will see several boxes that have been checked. Make sure the following are unchecked:
      • Drives/Partition other than C:\ drive (C:\ drive should remain checked)
      • Show All (this one also should be unchecked)
    • Then click the Scan button & wait for it to begin. (Please be patient as it can take some time to complete).
    • When the scan is finished, you will see the scan button appears again. Click Save to save the scan results to your Desktop.
    • Save the file as gmer.log and copy/paste the contents in your next reply.


#3 Jca56

Jca56
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 29 March 2010 - 12:36 PM

Hello again, my mom decided to reset her computer for 5 days ago to see if that would work before I could do as you said in the instructions.

When we logged back in everything seemed okay. Is the virus actually gone or is there a possibility that it is still somewhere in in the computer?

Thank you for the help.

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:55 PM

Posted 29 March 2010 - 12:42 PM

That is hard to say. We can do two things. Either provide those logs or wait and see. I can leave this thread open for a couple of days just in case.

#5 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:55 PM

Posted 03 April 2010 - 03:27 AM

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a PM and I will reopen it for you.

If you should have a new issue, please start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users