Solved Vista Antivirus 2012 is driving me crazy..

June 18, 2011 at 16:50:35
Specs: Windows Vista
Vista Antivirus 2012??
Hello,
I have that vista antivirus 2012 malware. I just had the following report from roguekiller.
Can you please tell me what to do?
Thank you!


RogueKiller V5.2.3 [06/16/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discuss...

Operating System: Windows Vista (6.0.6001 Service Pack 1) 32 bits version
Started in : Normal mode
User: Muge [Admin rights]
Mode: Scan -- Date : 06/19/2011 02:12:47

Bad processes: 1
[SUSP PATH] qvm.exe -- c:\users\muge\appdata\local\qvm.exe -> KILLED

Registry Entries: 7
[ROGUE ST] HKCU\[...]\Run : 1184311003 (C:\Users\Muge\AppData\Local\qvm.exe) -> FOUND
[ROGUE ST] HKUS\S-1-5-21-1030740680-2698106834-3648871752-1000[...]\Run : 1184311003 (C:\Users\Muge\AppData\Local\qvm.exe) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{1BAFA063-F785-493C-9CE6-36D15DA783FE} : NameServer (8.8.8.8,8.8.4.4,192.168.2.1) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{1BAFA063-F785-493C-9CE6-36D15DA783FE} : NameServer (8.8.8.8,8.8.4.4,192.168.2.1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Users\Muge\AppData\Local\qvm.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> FOUND

HOSTS File:
127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com
209.85.229.99 youtube.com
74.125.43.103 google-analystics.com
72.14.213.93 lh4.ggpht.com
72.14.213.93 lh4.ggpht.com
72.14.213.113 auth.keyhole.com
74.125.79.100 uk.youtube.com
74.125.79.100 de.youtube.com


Finished : << RKreport[1].txt >>
RKreport[1].txt


See More: Vista Antivirus 2012 is driving me crazy..

Report •

#1
June 18, 2011 at 18:14:28
Spyware doctor should remove it:
http://pack.google.com/intl/en/inst...
Let me know how you make out, thanks

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#2
June 18, 2011 at 18:26:29
Thank you for the reply.
Before downloading Spyware Doctor, I would like to tell you that I also scanned my PC with Avira Antivirus, which I trusted up until now but this time the report I had after a thorough scanning was that no detection existed!! What's going on? Does this mean that the antivirus programs are weak and therefore of no trust any more?

Are you sure I will get rid of Vista Antivirus 2012 with that Spyware Doctor because as I searched in many forums, some problems remain. Should I remove manually some of the registries that are shown in the report I sent above?

Thank you.


Report •

#3
June 18, 2011 at 18:28:58
✔ Best Answer
machiavelli,

As I replied to your other post, and, after requesting that you start a topic here for me to help you, I will be glad to work with you on the results of RougeKiller, which you already had run, and eradicating Vista Antivirus 2012.

However, if you wish to follow Post #1 above, it is your decision.

Just let me know if you want to proceed with RougeKiller.

Thank you!

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

Related Solutions

#4
June 19, 2011 at 02:17:05
aaflac44

I will proceed according to your implies. Please tell me what I should do with Roguekiller.

That malware is really driving me crazy.
So by taking a look at my report, what do you suggest me to do? I saw in the end of a registry, the word KILLED. What is that?

Thank for your kind assistance,
Looking forward to your reply.


Report •

#5
June 19, 2011 at 04:25:02
#Option 2#

(2nd Report)

RogueKiller V5.2.3 [06/16/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discuss...

Operating System: Windows Vista (6.0.6001 Service Pack 1) 32 bits version
Started in : Normal mode
User: Muge [Admin rights]
Mode: Remove -- Date : 06/19/2011 14:23:25

Bad processes: 0

Registry Entries: 6
[ROGUE ST] HKCU\[...]\Run : 1184311003 (C:\Users\Muge\AppData\Local\qvm.exe) -> DELETED
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{1BAFA063-F785-493C-9CE6-36D15DA783FE} : NameServer (8.8.8.8,8.8.4.4,192.168.2.1) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{1BAFA063-F785-493C-9CE6-36D15DA783FE} : NameServer (8.8.8.8,8.8.4.4,192.168.2.1) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[FILE ASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Users\Muge\AppData\Local\qvm.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> REPLACED : ("C:\Program Files\internet explorer\iexplore.exe")

HOSTS File:
127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com
209.85.229.99 youtube.com
74.125.43.103 google-analystics.com
72.14.213.93 lh4.ggpht.com
72.14.213.93 lh4.ggpht.com
72.14.213.113 auth.keyhole.com
74.125.79.100 uk.youtube.com
74.125.79.100 de.youtube.com


Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt


Report •

#6
June 26, 2011 at 12:02:54
Restart your computer..hit the F8 key..scroll down to directory services restore mode...enter..this will clean the C drive....worked for me.

Report •

#7
June 26, 2011 at 14:31:03
Just use Spyware Doctor like I mentioned in response #1

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

Ask Question