Vista Antivirus 2008 - How to remove this virus? Why can't 360 find and remove?


Firstly, I would review the steps listed in How To Troubleshoot a Suspected Malware Infection and follow them until the malware was removed:

 

http://community.norton.com/norton/board/message?board.id=Announcements&thread.id=9&jump=true

 

Then, I would review the website below for information on Misleading Applications:

 

http://www.symantec.com/norton/theme.jsp?themeid=mislead

 

Many times, Misleading Applications are blended threats that deliver other malware to your system, that are designed to try to disable your current security software. Without knowing the specifics of your situation, it's difficult to speculate how this happened, except that you saw a popup for the VistaAntivirus2008 and installed this program. Please let me know if you have questions about the above steps, or if you have already tried these steps and the problem still exists. Thanks!

I have followed these instructions, along with the Vista Antivirus 2008 manual removal instructions found elsewhere on this forum. I am not having any luck though, as the virus has disabled Task Manager on me. Norton 360 says that it has detected a threat that needs me to perform some manual tasks to remove it. When I click on the button for details, or for help with this task, nothing happens. I have had this virus on my system for over a week now and am at my wits' end. Please, can anyone give me any more suggestions?

Can you run a Kaspersky Online Scan and send me the logs in a PM please? We will try to resolve this for you.


Message Edited by johna on 07-26-2008 05:03 AM

Follow Johna's advice and look for a Private Message at the top right of the thread

Also worth looking here

external link

If there is something you cannot do in any of the instructions, these or others, just let us know.

Message Edited by cgoldman on 07-26-2008 01:43 PM

I am running Kaspersky's Online Scanner as I type this message... I am not feeling too positive about it working, however. I have found various other sets of manual removal instructions during my searches... the problem is that this Vista Antivirus 2008 has somehow disabled all my administrative powers on my machine and made itself a "Super User". I seem to have less control over my system than if I were logged in on the guest account. :(

 

If anyone else has any other suggestions I, and I am sure there are others out there too, would love to hear them.

 

Thanks again for the help 

I just got home and Kaspersky is finished with its scan. It found one threat on my F: drive, but nothing serious. I thought this was sort of odd but then I noticed that my C: no longer shows up. I know that it is there because that is where my OS is installed, but once again it would seem my privileges have been removed by this extremely frustrating virus. Has anyone else out there been able to best this virus yet?

We should be able to get rid of this for you. Did you mean the Kaspersky scan would not scan your C drive? Did you click on My Computer for the scan? If so, can you please go into 'Safe Mode with Networking' and run the Kaspersky Online Scan again, then save the logs to your desktop, where you can retrieve them.

 

Let us know if you are unable to perform the above. Thanks

 

Edit: Try the solution in my post below before trying the above.

Message Edited by johna on 07-27-2008 11:10 PM

If you take the external link I provided and follow the instructions for removal, can you advise if you were successful or not, and/or where you had trouble? If you cannot rely upon a scanner or it does not work, you have to do this manually or try another scanner. You did not make clear whether you tried Microsoft OneCare.

 

I appreciate how difficult this is. A virus has either got to be loaded on reboot or it has infected a core file.

 

Try installing procexp and autoruns from Microsoft. Procexp should kill processes and autoruns can kill anything loaded at reboot, programs or services.

OK, here is another solution you may try in the meantime. Method: Link . Note: Do full scan not quick scan as advised. You can perform this in Safe Mode with Networking if you like.

 

This should fix the problem. You may also want to check for and delete the associated files and registry values shown at the end of the written instructions if they are still present on your PC.

 

Also, you may want to download and run HijackThis and delete these values if they are still present:

 

O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus 2008\Antvrs.exe
O4 - HKCU\..\RunOnce: [3P_UDEC] "C:\Documents and Settings\forensics\Desktop\AtnvrsInstall.exe" 0;C;
O4 - HKCU\..\Run: [Antivirus2008y] C:\Program Files\Antivirus2008y\antvrs.exe

 

Let us know.

 


Message Edited by johna on 07-27-2008 11:05 PM
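As an added example (not part of the original posts and not a Norton or HijackThis tool): a small Python parser for HijackThis O4 autostart lines that flags entries whose executable matches the file names quoted in the post above. The function names and the two extra log lines marked as constructed are assumptions made for illustration.

```python
import ntpath
import re

# Rogue executable names taken from the O4 lines quoted in the post above.
ROGUE_EXES = {"antvrs.exe", "atnvrsinstall.exe"}

# "O4 - <hive>\..\<Run key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (?P<hive>HK[A-Z]+)\\.*?\.\.\\(?P<key>\w+): "
                   r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|scr|bat|cmd))(?=\s|$)", re.IGNORECASE)

# First three lines are from the thread; the last two are constructed.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus 2008\Antvrs.exe
O4 - HKCU\..\RunOnce: [3P_UDEC] "C:\Documents and Settings\forensics\Desktop\AtnvrsInstall.exe" 0;C;
O4 - HKCU\..\Run: [Antivirus2008y] C:\Program Files\Antivirus2008y\antvrs.exe
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" /background
O23 - Service: Example Service - Example Corp - C:\Example\svc.exe
"""

def executable(cmd):
    """Return the program path from a Run value, quoted or unquoted."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end != -1:
            return cmd[1:end]
    # Unquoted paths may contain spaces, so cut at the first executable suffix.
    m = EXE_RE.match(cmd)
    return m.group(1) if m else cmd

def parse_o4(log_text):
    """Parse registry autostart (O4) lines; other sections are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["exe"] = executable(entry["cmd"])
            entries.append(entry)
    return entries

def flag_rogue(entries):
    """Keep entries whose file name matches a known rogue executable."""
    return [e for e in entries
            if ntpath.basename(e["exe"]).lower() in ROGUE_EXES]

if __name__ == "__main__":
    for e in flag_rogue(parse_o4(SAMPLE_LOG)):
        print(f'{e["hive"]} {e["key"]} [{e["name"]}] -> {e["exe"]}')
```

Matching on the file name alone is deliberately narrow: it only catches the variants named in this thread, so a clean result from it says nothing about other autostart entries.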

I am going to be busy at work the next few days and don't want to deal with my computer right now. lol

 

I will try the suggestions you have posted though, I really appreciate all the help.

 

I will be sure to let you all know how it goes... oh, and to answer the question, yes I did use Microsoft OneCare. It was able to install but it would always freeze up when I would try to run it. Also, I did tell Kaspersky to scan my computer, but since my C: drive was not showing up I don't think it actually scanned that drive.

 

I'm feeling pretty confident that I will be able to beat this thing though with all the help you are providing.  

OK, keep us up to date! Thanks

It does not sound good, but good luck.

I could recommend trying Malwarebytes' Anti-Malware as a way to remove that. I had the XP version of this before I purchased Norton 360 and it dug out the hooks that horrible thing had on my system. I don't mean to be promoting other people's products on this forum but in the interest of helping to remove that nasty thing, the link is: malwarebytes website. You may have to rename the installer file if the program won't run as that malware thing may lock your access to running it - I know I had to.

 

I spent an entire evening sorting out that thing. It locked me out of my spyware scanning applications, I couldn't access the internet without being redirected to other sites, and the Norton I had at the time didn't allow me to remove it at all because what it appeared to do was shut down my access to anything that I had installed at the time of the infection that was related to spyware or anti-virus. Running that application will show you an entire list of all the hooks it has. I was rather surprised at just how far that thing got in. I reformatted my machine afterwards as a precaution but I had to get all my files off before I could do that.

 

Anyway, I hope it helps!

 

[edited to fix link]

Message Edited by nio-txx on 07-28-2008 11:26 PM

Malwarebytes is a step in my solution, it should be run in Safe Mode.


johna wrote:
Malwarebytes is a step in my solution, it should be run in Safe Mode.

 

johna, I was just seconding your solution. As I have tried it and successfully removed it from my system I do not see a reason why I should not post this to help confirm your solution. In regards to safe mode, mine would not run in safe mode - the only way I could get mine to run was to rename the installer file and do it outside of safe mode. Perhaps mine got a particular setting blocked off, I don't know, but this is what worked for me. It's just a suggestion in case there are problems for this particular person's problem.

You’re welcome to post anything you like, I just wasn’t sure if you had read my post is all. I had no probs running M/B in Safe Mode.

OK, I finally had some time to work on this problem again. I downloaded both HijackThis and Malwarebytes' Anti-Malware, I ran them both in normal mode and safe mode... and surprisingly I believe they fixed my problem. Malwarebytes' seemed to be able to get rid of the virus and return control of my system to me. HijackThis was able to identify the areas in my registry where the virus had left a mess and I was then able to clean it up. As far as I can tell my system is now back to normal. Thank you so much for all of your help. If anyone else ever has this problem I would strongly recommend making Malwarebytes' part of your solution.

 

Thanks again,

Nate 

Glad to help, remember to mark this as solved.

Message Edited by johna on 08-03-2008 08:23 PM

Hmm... I'm not sure if there is somewhere I am supposed to click to say this is solved...

 

for now I guess I will just have to say...

 

 

SOLVED!!!

 

Thanks again for all the help.