Ask Me Help Desk

Ask Me Help Desk (https://www.askmehelpdesk.com/forum.php)
-   Internet & the Web (https://www.askmehelpdesk.com/forumdisplay.php?f=177)
-   -   Redirect/Site Blocking Virus (https://www.askmehelpdesk.com/showthread.php?t=283901)

  • Nov 22, 2008, 10:51 AM
    Bill D
    Redirect/Site Blocking Virus
    This is a nasty one. I run Symantec/Norton virus protection. But, my LiveUpdate for new definitions is blocked. I'm also blocked from downloading SpyBot, and AdAware doesn't catch it. I get redirects when I click on some results in Google and Yahoo, so I have to copy/paste those URLs to get there. I'm also blocked from going to the Symantec Customer Support page. Does anybody have any suggestions (or even a direct phone line to Symantec Customer Support, I suppose)?

    Thanks!
  • Nov 23, 2008, 02:32 PM
    crigby

    Hi,
    I am not a fan of Norton. It is and has been one of the "big" targets for malicious activity along with Windows, IE and PHP. It does not un-install easily without help from Symantec, they have an uninstaller there.
    My suggestion would be to turn it off, click on the icon in the System Tray, lower right mostly. And choose to stop it. Then try one of the other freeware programs, Avast and AVG are both good programs.I use SpyBot instead of AdAware, incidentally. You may need to try CCleaner to see if it will help.
    Now for the bad news. Sounds like you are "well infected!" Didyou download some tool/browser bar? If so, that would be a likely suspect. Remember the name? FastWeb or something like that? It takes a Registry cleaning job to get rid of it. Not for the faint of heart, care must be exercised. It is done from the Run option of the Start menu and typing in regedit. Use the Find menu and the name of the offending program to find all instances. Keep searching again and again to remove all instances. IMPORTANT: when removing Keys only remove thepart at the highest level that the program references. By way of explaining that, if you findit in a Key and there is a "Default" item also with it, leave it alone(should basically be almost blank.) This is only if you have a clue about the name and it may give you ideas of other names to look for like the company name.Often there are three or four separate names to look for.
    Good luck and be careful if you take the Registry route. Back it up first if you know how.
    Peace,
    Clarke
  • Nov 23, 2008, 04:22 PM
    seahwk83

    Try and download and run malwarebytes, you can use it for free, the full version just allows real time scanning but can be run as a stand alone product
    Malwarebytes.org

    This will more than likely find some things to look at, let it do recommended fixes
  • Nov 24, 2008, 10:28 AM
    Bill D
    Okay, thanks crigby & seahwk83. I'll try what you suggest.
  • Nov 24, 2008, 10:33 AM
    NeedKarma
    Quote:
    Originally Posted by seahwk83 View Post
    try and download and run malwarebytes, you can use it for free, the full version just allows real time scanning but can be run as a stand alone product
    Malwarebytes.org

    This will more than likely find some things to look at, let it do recommended fixes
    That sounds right since the description has all the hallmarks of that Antivirus 2008 infection.

    • All times are GMT -7. The time now is 06:21 AM.