
Vista malware


2 replies to this topic

#1 mitchell76

mitchell76

  • Members
  • 6 posts

Posted 22 June 2011 - 02:56 AM

Hello, I've been fighting this malware for a while. I've run Malwarebytes and TDSSKiller, and I keep getting the same results, that nothing has been found. I know there is something still here because it will not allow me to open certain programs like StopZilla or remove any programs. I downloaded StopZilla because, on the antimalware programs I have, it seems like the Vista malware has attached itself to the programs, because they all have the Vista shield logo on top of them. StopZilla doesn't run; there is an error that pops up every time I try to run it. So I downloaded this Microsoft antimalware program, and every time I run it, it comes up with the same four infections that it cannot seem to get rid of. It had something to do with Java.

I need help, please. I want to make sure that it's not just me and there's a virus of some sort on my PC, because I have never seen those shields before on any of my programs.

Thank you



#2 invision

invision

  • Members
  • 91 posts

Posted 22 June 2011 - 08:52 AM

Let's try doing an online scan to see if it finds anything else that the other scans may have missed.

Please perform a scan with Eset Online Anti-virus Scanner.

  • If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
  • Vista/Windows 7 users need to run Internet Explorer/Firefox as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
  • Click the green Posted Image button.
  • Read the End User License Agreement and check the box:
  • Check Posted Image.
  • Click the Posted Image button.
  • Accept any security warnings from your browser and allow the download/installation of any required files.
  • Under scan settings, check Posted Image and make sure that the option Remove found threats is NOT checked.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop as ESETScan.txt.
  • Push the Posted Image button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.



#3 mitchell76

mitchell76
  • Topic Starter

  • Members
  • 6 posts

Posted 22 June 2011 - 02:50 PM

Thanks for the reply and the information. I ran the scan and this was the result. Did this scan also remove the threats?


C:\Program Files (x86)\HP Games\Farm Mania\Farm-WT.exe
a variant of Win32/Kryptik.SH trojan
C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
Win32/Toolbar.Zugo application
C:\ProgramData\WildTangent\528821fe-58e4-439c-81de-49f36a16aa12-extr.exe
a variant of Win32/Kryptik.SH trojan
C:\Users\All Users\WildTangent\528821fe-58e4-439c-81de-49f36a16aa12-extr.exe
a variant of Win32/Kryptik.SH trojan
C:\Users\Wykia\AppData\Local\Temp\0.9499783313487915.exe
a variant of Win32/Kryptik.PIG trojan
C:\Users\Wykia\AppData\Local\Temp\is1972027439\zgInstaller.exe
Win32/Toolbar.Zugo application
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\116c51d8-64fac990
a variant of Java/TrojanDownloader.Agent.NAD trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\64414e83-3a6f3963
a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5974e79e-2b9f1bd7
probably a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\687efa1e-329a40a1
a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\375e065f-2df13aa1
a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6eee3aa1-7108b629
a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\37db3fe2-6b8f451f
Java/TrojanDownloader.Agent.ME trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\5fc5a262-7c5b6de7
a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\1ffc5a4-52f1cf9a
probably a variant of Java/Agent.BR trojan

C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\7390ca6-745f71dc
Java/Exploit.CVE-2010-3562.A trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\665ffb1-290db895
probably a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\17f8dc74-21b7df23
a variant of Java/Exploit.CVE-2009-2843.B trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\52614f75-16b650d8
probably a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\781ffd37-6ddeda44
a variant of Win32/Kryptik.PIG trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\5d70cf78-35d96c99
a variant of Java/Agent.AB trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\10fa0cb9-7e2b33cf
probably a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\3fc0aefb-5e399c84
a variant of Java/Exploit.CVE-2009-2843.B trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\30c92f3c-42d03011
a variant of Java/Agent.BR trojan
C:\Users\Wykia\AppData\Roaming\1CF6DEFF1CC8A2AF8A4D3B9C32060FB9\local.ini
Win32/Adware.AntimalwareDoctor.AE.Gen application
Operating memory
Win32/Toolbar.Zugo application



