Discussion in 'Computer Science & Culture' started by The Flemster, Oct 19, 2008.
I prefer the sound of the second one, if I'm honest...
Log in or Sign up to hide all adverts.
Okay what I would do is:
Firstly attempt to uninstall Norton (That means using Add/Remove Programs) This will mean that if Norton is somehow bugging out and causing the problem, that it won't exist anymore to cause the problem.
This will potentially leave you vulnerable so I suggest not visiting any websites other than those mentioned. Try the Hijack this program after you've uninstalled (and rebooted) Norton. (The reboot just cleans out any uninstall leftovers)
If it works you should get a chance to create a text file log that you can post here. If not the longer route is to copy your processes one by one from the Task Manager (It's what Hijackthis does anyway)
The reason for this is any number of those processes could be rogue and if they are rogue they likely have a way they execute with and that has to be dealt with before they can be fully removed. (There is no point closing rogue processes down because most will just reopen)
Once we have that information it will be easier to patch your system back to health.
Did you update your Operating system when you recently got online? If you haven't it's one of the first things that should be done, those updates cut down a number of infections and exploits.
It will work as long as you have a restore point that is prior to the infestation, otherwise it means the manual approach which is a little tedious but you can learn how to handle such problems in the future.
I'm all for learning but I'm more for getting back to health!
I'll do as you say and let you know what happens.
Do a google search for "Combofix.exe" from bleepingcomputer.com. It is the best way to get rid of smit fraud infections. It's free and does a good job of getting rid of them.
Just took a look at their site. Looks promising too.
Hopefully, one of these options will work!
Btw, how would I know if I updated my operating system when I went online last week?
Cos it seemed to do an awful lot of automatic updates and I didnt keep track of them all...!
The best way to be sure you have all possible Windows updates is to go to Windows Update, http://www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us . You have to use Internet Explorer. Let it scan for updates, and you'll know if you are completely up to date or not.
I deal with at least 5 of these type infections a week. I have 3 machines on my desk right now with Smit fraud (fake virus scanner) infections. I always start with combofix..then use AVG to clean up the scrapes.
I've not tried combo fix, but the last one of these I dealt with was completely cleaned up with Spybot.
It's sweet. I think its better than "Smitfraudfix" which is another good one.
Tried AVG and Spybot but they both wanted cash to remove the viruses. Cash is something I just dont have right now!
Spybot is, and has always been, free. http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10122137.html
Go and get it.
There is a free version of AVG...it's what I use. Combofix is also free.
I haven't used spybot in a while...but it has a great reputation also.
Both versions I found were free to install but, once they found and identified the viruses, they wanted money to fix them.
Right. I'm switching back to my own pc now so I can try out some of these suggestions.
Then you didn't get Spybot Search and Destroy. Maybe something else called Spybot? Wouldn't surprise me, most good free programs spawn ripoff imitations.
I'm not sure which version you downloaded...but the free version of AVG and spybot will remove viruses without paying for anything.
It's why I use avg....I'm a cheap bastard!
Right, I'm back online at home. The virus has spread and is now making it very hard to get away from Google search.
I need to act now, so, what should I do first, guys?
Okay, Spybot wont install. It gets a bit into it then a box appears telling me a connection to the server cant be found.
Separate names with a comma.