Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Insidious Adware


  • Please log in to reply
4 replies to this topic

#1 BagLady

BagLady

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 03 November 2010 - 04:07 PM

I have been working on this for days and I'm going to have a very difficult time explaining all that I've done. I'm sure I'm at the point where I need to reinstall Windows but I don't have the CD's anymore.

1. Cause = 14 year old downloading music (and probably other things he's never going to admit to).

2. Effect = computer incredibly slow (takes a full minute to type a simple sentence).
FF quit loading.
AVG self destructed.
Bought ZoneAlarm AntiVirus. It's been deactivated and even ZA tech support can't help. They sent me here.
ZoneAlarm will not update. Says it can't find server. Cannot manually update.
Windows Defender, deactivated. Manually installed updates, it scanned and found nothing.
IE7 is working but searches redirect to advertising for irrelevant things.
FF uninstalled and reinstalled still doesn't work. Uninstalled again.
Error messages on start up, "ZoneAlarm needs updating," and the most consistent, "Netwaiting.exe can't start because BVRPDIAG.dll is missing."
Shut down errors, "Windows Defender is not responding," and then after selecting 'End Now' it stays on the shutting down screen until I hold down the on/off button.

The last thing I did was download updates for CCleaner and cleaned house. Now the machine won't even boot past the Welcome screen. Currently I'm running MalwareBytes in safe mode . . . again.

I firmly believe there's a special place in hell for the developers of these trojans and I do hope the businesses who advertise this way go down and out hard.

Edited by hamluis, 03 November 2010 - 04:28 PM.
Moved from XP forum to Am I Infected ~ Hamluis.


BC AdBot (Login to Remove)

 


#2 BagLady

BagLady
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 06 November 2010 - 12:20 PM

**BUMP**

While waiting and for lack of anything better to do, I've been trying various other 'fixes' listed on the net. Everything I DL tells me they're free but then their results always show a multitude of infections which they want my credit card to remove. I can't trust any of them and suspect they're the cause in the first place. I'm left with IE redirecting to ads anytime a search is performed and the same netwaiting.exe can run because bvrpdiag.dll is missing.

Today I'm booting to the dreaded BSOD. "STOP: c000021a {Fatal System Error} The Windows Logon Process system process terminated unexpectedly with a status of 0xc0000135 (9ox00000000 0x00000000). The system has been shut down.

Looks like a reinstall of Windows is gonna be my only option now.

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:24 PM

Posted 06 November 2010 - 10:12 PM

The PC no longer boots? I will ask someone to look here. In the meantime you will probably need youor discs.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 BagLady

BagLady
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 06 November 2010 - 11:42 PM

I waged war against the stupid thing for 3 days. Today it won. It wouldn't even boot in safe mode. I've never had anything like this before and I hope to never see it again. It was nasty and none of the traditional stuff like Malwarebytes and Hijackthis recognized it! Torture is too kind and compassionate for the perp behind this one. I wish I could have identified it before it killed Windows, but it beat me. It was an XP home machine with Office 2007 on it, OEM, so I took it to a dealer who sells Dell lease buybacks and he is upgrading it to XP Pro and Office 2007 with legit keys and putting my Roxio back on and that's all I cared about anyway. He's only charging me $65, so I'm happy. I'm just frustrated. I hate to let a stupid virus beat me.

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:24 PM

Posted 07 November 2010 - 04:37 PM

Glad to hear it is at least strightened out and a reasonable fee. here's some tips compiled by our quietman7....
Tips to protect yourself against malware and reduce the potential for re-infection:Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
  • USB-Based Malware Attacks.
  • When is AUTORUN.INF really an AUTORUN.INF?.
  • Please disable Autorun asap!.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users