An Accepted Solution is available for this post.
FIOS in-home agent update has p2p dropper virus.
Woodiman
Newbie
‎10-07-2010 12:52 PM

I did an update to the inhome agent I downloaded in the past and Malwarebytes and Norton (NIS) 2010 says it was infected. Thinking it must be a mistake I allowed it. BIG MISTAKE! There were a dozen or more files that took over my PC and I lost the ability to do a system restore and lost folder options. eventually it disabled Norton after restarting. It was the worst case I've ever had.

Long story short... after two days of reinstalling windows and other applications it did it again! I have Norton Internet Security which blocked MOST of the attacks! And even had Windows defender block some after it killed Norton. I also use Malarebytes which has never let me down before. I downloaded and installed In-Home agent again and Malwarebytes blocked it again!

Having blocked it Norton didnt detect anything!

Unfortunately I didnt have a chance to save the Norton logs from the first time. Here is the Malwarebytes log. Keep in mind this is only the start of infection and what I allowed thru... if you allow it thru BEWARE!

19:24:16    User    DETECTION    C:\Users\User\AppData\Local\Temp\Verizon_Installer\Setup\MotiveClient\AXB.exe    P2P.Dropper    ALLOW
19:25:03    User    DETECTION    C:\Users\User\AppData\Local\Temp\AXB.exe    P2P.Dropper    ALLOW
19:25:58    User    DETECTION    C:\Users\User\AppData\Local\Temp\ArcC60.tmp\BundleInstaller64.exe    P2P.Dropper    ALLOW
19:26:01    User    DETECTION    C:\Users\User\AppData\Local\Temp\AXB.exe    P2P.Dropper    ALLOW
19:26:59    User    DETECTION    C:\Users\User\AppData\Local\Temp\AXB64.exe    P2P.Dropper    ALLOW
19:28:24    User    DETECTION    C:\Users\User\AppData\Local\Temp\OCB.exe    P2P.Dropper    ALLOW
19:28:40    User    DETECTION    C:\Users\User\AppData\Local\Temp\CDB.exe    P2P.Dropper    ALLOW
19:28:55    User    DETECTION    C:\Users\User\AppData\Local\Temp\AGB.exe    P2P.Dropper    ALLOW
19:34:27    User    MESSAGE    IP Protection stopped

See this pix for Malwarebytes warning!

http://picasaweb.google.com/lh/photo/rtgmn8Gf9WIeudECpV8gUg?feat=directlink

And yes... I did do a complete scan with both Malwarebytes and Norton before trying to install In-Home Agent again. My system was completely clean! Both times actually!

Any ideas??? And NO, I know better than to ask tech support for help... lost cause there!

0 Likes
Reply
5 Replies
An Accepted Solution is available for this post.
Re: FIOS in-home agent update has p2p dropper virus.
GaryDoug
Specialist - Level 1
‎10-07-2010 11:00 PM

Modern pc viruses frequently ride the coattails of legit updates on their way into your pc. Not likely to be a Vz issue but rather a timing issue as to when you opened the door. Most likely the door was creeped open earlier by something you downloaded and your AV didn't catch. Try to remember what you did right before the incident and it is lkely the source.

Reply
An Accepted Solution is available for this post.
Re: FIOS in-home agent update has p2p dropper virus.
Woodiman
Newbie
‎10-08-2010 08:23 AM

I can see that being the cause... but the second time after slicking and reinstalling everything??? The exact same warning from malwarebytes came up during installation of updates during install process. I wont ignore the warnings from malwarebytes, although I'm tempted to try. If I knew for sure I could do a sys restore afterwards I probably would. But it killed system restore, folder options, regedit and Norton the first time. It was bad enough no online scanners worked, and couldnt install any A/V or A/M programs.

Anybody else have Malwarebytes? Can you do the in-home agent including updates during install? The actual program download was okay... when it checked online during install it checked for updates, found some and thats when it finds the P2P dropper (if ignored theres MANY more to come!)

System info:

Windows 7 64 bit

Norton Internet Security 2010

Malwarebytes 1.46

0 Likes
Reply
An Accepted Solution is available for this post.
Re: FIOS in-home agent update has p2p dropper virus.
spacedebris
Master - Level 2
‎10-08-2010 02:13 PM

I normally dont have IHA installed but I was curious so I installed it and let it update. (about an hour ago). Ran a scan with Malwarebytes. Came up clean. I also ran a full system scan with AVG and it came up clean as well.  Anyone else?

The difference for me is I'm using Vista

0 Likes
Reply
An Accepted Solution is available for this post.
Re: FIOS in-home agent update has p2p dropper virus.
prisaz
Legend
‎10-08-2010 05:00 PM

First problem Norton! Isn't he dead? I think that is one of the reason Verizon security suite no longer uses it. His name lives on but I don't think he has written code dind 1990.

False positive or wild hit from the internet perhaps and not Verizon? But it would not surprise me if they were hot. I don't use any of their software. IHA seems like no use to me, and it gets pushed like a cure for cancer.

Reply
An Accepted Solution is available for this post.
Re: FIOS in-home agent update has p2p dropper virus.
KaLin
Khoros Partner
Khoros Partner
‎10-17-2010 01:58 AM
Moved for greater exposure
0 Likes
Reply