Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista Internet Security 2011 and blocked Internet Explorer


  • This topic is locked This topic is locked
84 replies to this topic

#1 Chamcham

Chamcham

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 15 April 2011 - 10:09 AM

Hi,

I'm new here, having been recommended by someone who has succesfully removed viruses in the past, with your help.

My 12 year old son was surprised by the invitation to run Vista Internet Security 2011, and said Yes (groan). Since then, I have tried to run my Avast, both in and out of safe mode, but it has not detected any files, despite the fact that the VIS 2011 security window keeps coming up on my screen. I have tried to download the Microsoft security tools, but my access to the internet has been denied, even in safe mode. I've also tried to identify the virus files in Task Manager, but they are either hidden, or well disguised.

I am now completely unable to access IE, as every time I try, it tells me that the programme is absent. I accessed my email three days ago (after the computer had been infected), but I have not tried since, as I am afraid I will cause problems there if I keep trying.

I've read the guidelines for what to do before submission, but I can't action most of them because they require downloading, which I'm not able to do!

I have an Acer computer, with up to date Avast antivirus (free version). I also have a Mac book which is about three years old, and I can access the internet, and my web based email, through that.

I'm hoping you can help me turn the IE back on on my PC, and get rid of the VIS 2011.

I know my way around a computer a bit, but I am by no means expert.

I'm about to go away for the weekend, but I'll be back on Monday.

Thanks in advance.

BC AdBot (Login to Remove)

 


#2 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:56 PM

Posted 24 April 2011 - 05:04 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you still require help then please try the following:

  • Please download OTH.scr to your desktop.
  • Now download OTL to your desktop.
  • Double click the OTH file and select Kill All Processes, your desktop will go blank


    Posted Image


    Then select Start OTL, - OTL will now run:
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized


Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#3 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 25 April 2011 - 10:43 AM

Thanks Casey, good to hear from you - my problem is just the same.

I managed to get into IE using a saved web page in my favourites, and followed your instructions. Initially, typing OTH.scr into the address line just transferred me to Yahoo search (my home page is usually google), but eventually I managed to get into it by typing the URL for this thread into the address line, and then pressing the link in this thread. I followed your instructions. I ran "Kill all processes," and the desktop went blank , although my background remained, but when I pressed "Start OTL," nothing happened at all.

I look forward to the next step!

G.

#4 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:56 PM

Posted 25 April 2011 - 10:48 AM

Just to double check, you saved both OTH and OTL to your Desktop?

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#5 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 25 April 2011 - 11:02 AM

Thanks for the quick reply.

Yes, I downloaded both files, and the icons are both visible on my desktop. I've just tried the follow the instructions again, and the same thing happened.

#6 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:56 PM

Posted 25 April 2011 - 12:28 PM

Hi,

Let's try this a different (and hopefully easier) way.

On your clean Acer PC

Find a spare and empty USB stick/drive.

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

Then try downloading OTH and OTL again on your clean PC. Now transfer them, via the USB you've just disinfected above, to the infected PC's desktop. Let's see if they'll run this time.

Casey

Edited by Casey_boy, 25 April 2011 - 12:28 PM.

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#7 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 25 April 2011 - 04:14 PM

Thanks Casey,

My Acer is the infected computer. My uninfected laptop is a Macbook. Will it be OK to download onto a USB from my Mac, and then transfer to the Acer PC?

#8 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 25 April 2011 - 04:16 PM

It's just occurred to me, I have a PC at work which I could use to download onto a USB, if that would be better than the Mac?

#9 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:56 PM

Posted 25 April 2011 - 04:21 PM

Ah, my apologies.

The flash disinfector step wont work on your Mac. Though in all honesty it's probably redundant anyway if you're going to use the Mac.

If you decide to use the Mac, don't do the flash disinfector bit but just remember that you cannot use the USB stick again until we're sure everything is clean (since the USB stick may become infected after plugging it into your Acer).

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#10 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 25 April 2011 - 04:28 PM

Sorry, Casey, I'm confused. Do I need a clean computer to follow your instructions, in which case I'll download onto a USB at work tomorrow, or can I do it on my infected Acer, and use the USB to clean it?

#11 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:56 PM

Posted 25 April 2011 - 05:25 PM

The flash disinfector step ensures that your USB does not become infected when you plug it into your Acer. However, I don't think it will work on a Mac.

Thus you have two options:

1. Just download OTL and OTH onto the USB using your Mac. Then copy it them over to your Acer via the USB. Do not use the USB stick again until we're sure you're clean.

2. Using a work PC, do the flash disinfector step then download OTL and OTH to your USB. Copy them over to your Acer via the USB.

Just to clarify, the USB won't clean your Acer. We're just using it to transfer the files to it from a clean PC, whether that be your Mac or a work PC, so that any malware can't interfere with the files.

Make sense? :wink:

Edited by Casey_boy, 25 April 2011 - 05:27 PM.

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#12 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 26 April 2011 - 03:45 AM

Thanks, that makes sense. I'm at work now, but I forgot to bring a USB, so I won't be able to do this until tomorrow. I'll reply again when I've done it.

#13 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:56 PM

Posted 26 April 2011 - 03:58 AM

OK :) thanks for letting me know.

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#14 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 27 April 2011 - 04:07 PM

Hi Casey,

I managed to do as you suggested, ran the reports, and now have the files, but as I couldn't access the internet, I saved them to both the desk top and the USB, which I used earlier, but I don't fancy connecting that to any other computer! I rebooted the computer using OTH, but now I'm hardly able to use it. Sometimes it allows me to log in to my desktop, sometimes it crashes in the process. When I have been able to log in, it has not allowed access to the internet. I can get in through safe mode, but again, I can't access the internet.

Any ideas?

#15 Chamcham

Chamcham
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 27 April 2011 - 04:20 PM

Try this

Attached Files






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users