Camaro5 Chevy Camaro Forum / Camaro ZL1, SS and V6 Forums - Camaro5.com
 
Old 03-15-2009, 12:15 AM   #1
Banshee
Any Computer Experts? 2009 Antivirus virus

Somehow got it a few days ago..

Ran 5 malware programs, 3 virus programs. No luck

Restored computer back 7 days, ran malware, no luck. Now I can't use system restore because there are no reference points.

Running in safe networking mode only.

Anyone know how to fix?
Old 03-15-2009, 12:19 AM   #2
Ject
If Antivirus 2009 has been installed on your system somehow without your permission or you are seeing a popup advertising on your desktop (taskbar?) or recommending that you use Antivirus 2009 to clean your system... then you have the Zlob trojan.

Follow the instructions below for FREE removal.

Please update this program before scanning.
http://www.malwarebytes.org/forums/i...showtopic=5178

Edit... Any problem removing in normal mode... try scanning again in safe mode (without networking)
how to enter safe mode (for sh!ts and giggles): http://www.pchell.com/support/safemode.shtml

If the above doesn't work try Removing Antivirus 2009 (Manually): ONLY attempt this if you are familiar with Regedit. Please.. please.. please.. create a backup of your regedit before ever changing anything in it.

1. Press Ctrl + Alt + Del then find and End the following processes:
* av2009.exe
* AV2009Install.exe
* Antivirus2009.exe

2. Delete the following files from your PC:
* %UserProfile%\Desktop\Antivirus 2009.lnk
* %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk
* %UserProfile%\Local Settings\Temporary Internet Files\Content.IE5\S96PZM7V\winsrc[1].dll
* %UserProfile%\Start Menu\Antivirus 2009
* %UserProfile%\Start Menu\Antivirus 2009\Antivirus 2009.lnk
* %UserProfile%\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk
* c:\Program Files\Antivirus 2009
* c:\Program Files\Antivirus 2009\av2009.exe
* c:\WINDOWS\system32\ieupdates.exe
* c:\WINDOWS\system32\scui.cpl
* c:\WINDOWS\system32\winsrc.dll

3. Click Start > Run, type regedit, Find and delete the following registry entries:
* HKEY_CURRENT_USER\Software\75319611769193918898704537500611
* HKEY_CLASSES_ROOT\CLSID\{037C7B8A-151A-49E6-BAED-CC05FCB50328}
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C7B8A-151A-49E6-BAED-CC05FCB50328}
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "75319611769193918898704537500611"
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ieupdate"


If all goes well, this fake Antivirus 2009 software should now be removed from your computer.
Both methods have effectively worked for me on customer PCs
Enjoy!
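
A read-only PowerShell check for the indicators in Ject's manual-removal list above, added here as an example and not part of any post in the thread. It only reports what is present and deletes nothing; the process names, paths and registry values are copied from that post, and PowerShell being available on the machine is an assumption.

```powershell
# Read-only check for the Antivirus 2009 indicators listed in the post above.
# Reports what is present; it does not end processes or delete anything.
# Paths use the profile layout exactly as the post gives them.

$processes = 'av2009', 'AV2009Install', 'Antivirus2009'

$files = @(
    "$env:UserProfile\Desktop\Antivirus 2009.lnk",
    "$env:UserProfile\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk",
    "$env:UserProfile\Local Settings\Temporary Internet Files\Content.IE5\S96PZM7V\winsrc[1].dll",
    "$env:UserProfile\Start Menu\Antivirus 2009",
    "$env:UserProfile\Start Menu\Antivirus 2009\Antivirus 2009.lnk",
    "$env:UserProfile\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk",
    'C:\Program Files\Antivirus 2009',
    'C:\Program Files\Antivirus 2009\av2009.exe',
    'C:\WINDOWS\system32\ieupdates.exe',
    'C:\WINDOWS\system32\scui.cpl',
    'C:\WINDOWS\system32\winsrc.dll'
)

$keys = @(
    'Registry::HKEY_CURRENT_USER\Software\75319611769193918898704537500611',
    'Registry::HKEY_CLASSES_ROOT\CLSID\{037C7B8A-151A-49E6-BAED-CC05FCB50328}',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C7B8A-151A-49E6-BAED-CC05FCB50328}'
)

# The last two entries in the post are values under the Run key, not keys.
$runKey    = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run'
$runValues = '75319611769193918898704537500611', 'ieupdate'

$found = @()

foreach ($p in Get-Process -Name $processes -ErrorAction SilentlyContinue) {
    $found += "process  $($p.Name) (PID $($p.Id))"
}

# -LiteralPath matters: the [1] in winsrc[1].dll would otherwise be read as a wildcard.
foreach ($f in $files) { if (Test-Path -LiteralPath $f) { $found += "file     $f" } }
foreach ($k in $keys)  { if (Test-Path -LiteralPath $k) { $found += "key      $k" } }

$run = Get-ItemProperty -LiteralPath $runKey -ErrorAction SilentlyContinue
foreach ($v in $runValues) {
    if ($run -and $run.PSObject.Properties[$v]) { $found += "runvalue $v = $($run.$v)" }
}

if ($found) { $found } else { 'None of the listed indicators are present.' }
```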
Old 03-15-2009, 12:43 AM   #3
Banshee
I have tried using that link in safe mode. No luck.

Safe mode or safe mode with networking?

I have checked my processes, none of the 3 are running.
Old 03-15-2009, 12:44 AM   #4
Banshee
Ah I see, without networking... BRB
Old 03-15-2009, 01:23 AM   #5
Banshee
None of the three processes you posted were found.

I tried 3 times to use that malware link in safe mode only...Stopped working at 42, 45 and 49 seconds.

I did get the quick scan to work again in safe mode..no problems.

I have Windows Vista...
Old 03-15-2009, 01:59 AM   #6
Xanthos
I got the Zlob trojan a while back and it proliferated so much that I eventually ended up having to completely wipe the drive to get rid of it. And I consider myself very computer literate (having worked in the IT field for a few years. I won't say I know everything, but I know a lot).

I wish you the best of luck in what will probably end up being a very extensive battle. My best tools against it were SAV Corp., Spybot S&D, and AdAware SE - using them I at least kept the computer usable, but I was never able to get rid of it altogether. Hence the reformat.
- Xanthos
Old 03-15-2009, 02:41 AM   #7
manimsoblack

 
Quote:
Originally Posted by XanthosV6
I got the Zlob trojan a while back and it proliferated so much that I eventually ended up having to completely wipe the drive to get rid of it. And I consider myself very computer literate (having worked in the IT field for a few years. I won't say I know everything, but I know a lot).

I wish you the best of luck in what will probably end up being a very extensive battle. My best tools against it were SAV Corp., Spybot S&D, and AdAware SE - using them I at least kept the computer usable, but I was never able to get rid of it altogether. Hence the reformat.
- Xanthos

Same here. And then two weeks later my aunt got it and I figured it out.

Download AVG free onto a thumbdrive from another comp as it blocks you from visiting the site. Install it in safe mode. Run it. Copy and paste the paths of all the infected files it finds and manually delete them and empty your recycle bin. Restart and you should be good.
Old 03-15-2009, 02:42 AM   #8
Xanthos
Quote:
Originally Posted by manimsoblack
Same here. And then two weeks later my aunt got it and I figured it out.

Download AVG free onto a thumbdrive from another comp as it blocks you from visiting the site. Install it in safe mode. Run it. Copy and paste the paths of all the infected files it finds and manually delete them and empty your recycle bin. Restart and you should be good.
I'll have to try this if it ever happens again.
- Xanthos
Old 03-15-2009, 04:17 AM   #9
Scott@Bjorn3D


 
Also put Combofix on a thumb drive and run it: http://www.bleepingcomputer.com/comb...o-use-combofix

If you did have a real antivirus package it will say it is installed, tell it ok and keep running it.

I work at a computer shop and here is what we do.

Combofix first
Malwarebytes second
Spybot Search and Destroy third
Download free trial of Norton Internet Security 2009 and run it 4th

If machine starts running fine after all that then buy the Norton trial to protect you in the future.
Old 03-15-2009, 04:19 AM   #10
manimsoblack

 
Quote:
Originally Posted by Scott@Bjorn3D
Also put Combofix on a thumb drive and run it: http://www.bleepingcomputer.com/comb...o-use-combofix

If you did have a real antivirus package it will say it is installed, tell it ok and keep running it.

I work at a computer shop and here is what we do.

Combofix first
Malwarebytes second
Spybot Search and Destroy third
Download free trial of Norton Internet Security 2009 and run it 4th

If machine starts running fine after all that then buy the Norton trial to protect you in the future.

I usually suggest McAfee over Norton, they give you basically the same product for the same price, and while both are resource hogs Norton can completely kill a slower computer with all the memory it sucks while scanning. McAfee will slow it down but not to the extent of Norton.
Old 03-15-2009, 06:44 AM   #11
Supermans
Quote:
Originally Posted by Scott@Bjorn3D
Also put Combofix on a thumb drive and run it: http://www.bleepingcomputer.com/comb...o-use-combofix

If you did have a real antivirus package it will say it is installed, tell it ok and keep running it.

I work at a computer shop and here is what we do.

Combofix first
Malwarebytes second
Spybot Search and Destroy third
Download free trial of Norton Internet Security 2009 and run it 4th

If machine starts running fine after all that then buy the Norton trial to protect you in the future.

Can you post the links to these files' websites? Thanks
Old 03-15-2009, 12:28 PM   #12
Scott@Bjorn3D


 
http://www.bleepingcomputer.com/comb...o-use-combofix

http://download.cnet.com/Malwarebyte...-10804572.html

http://download.cnet.com/Spybot-Sear...html?tag=mncol

http://download.cnet.com/Norton-Inte...html?tag=mncol

There you go. And the new Norton is no resource hog and is much better than any competing product. I fix machines for my living and McAfee machines come in infected all the time.
Old 03-15-2009, 01:02 PM   #13
diddiyo


 
step 1) sell windows computer
step 2) buy mac
step 3) ???
step 4) profit