antivirus 2010

[Denholm]

See if Malwarebytes picks up anything. If it does and afterward you don't experience any troubles, great! Otherwise try a scan with AVG Anti-Rootkit. If it finds any hidden drivers (rootkits) remove them, if that fixes the problem, great! Otherwise run one more scan using Spybot Search & Destroy. If it finds anything, fix it. If this resolves all remaining issues, great! Otherwise get the IT department on the phone. It's time to reformat the computer (which would be safer to do in the first place).

[CAP1]

See if Malwarebytes picks up anything. If it does and afterward you don't experience any troubles, great! Otherwise try a scan with AVG Anti-Rootkit. If it finds any hidden drivers (rootkits) remove them, if that fixes the problem, great! Otherwise run one more scan using Spybot Search & Destroy. If it finds anything, fix it. If this resolves all remaining issues, great! Otherwise get the IT department on the phone. It's time to reformat the computer (which would be safer to do in the first place).

i may end up doing that. i just used my thumb drive to put malewarebytres over there....it;s found 6 items so far.......this is pissin me off bad enough i'm havin trouble concetrating on working on cars right now......

thanks sirs!

ooo.....i'm the dodo.....symantec came on the computer in question, and for almost 2 years there hasn't been a problem. now there's a big enough problem(in my mind) to make up for the lack of problems.

[Hungry]

If you still cant connect try LSPFix, pulling out the virus may have pulled something else out as well.  This offers to rebuild your Layered Stack Protocol I think thats what it is (your connection)

[Denholm]

Great suggestion since I've dealt with some programs who decided to gut the registry before passing on. It took me three hours to track down the problem and re-write the registry keys...

CAP1, I figured perhaps someone at your workplace made the decision that all office computers should be "protected" by Symantec products. If that were the case, the individual would be a dodo for associating Symantec with Security.

[CAP1]

Great suggestion since I've dealt with some programs who decided to gut the registry before passing on. It took me three hours to track down the problem and re-write the registry keys...

CAP1, I figured perhaps someone at your workplace made the decision that all office computers should be "protected" by Symantec products. If that were the case, the individual would be a dodo for associating Symantec with Security.

the problem computer is the office computer in my shop. i'm the king of my kingdom of me, myself and i. 

the symantec came on the machine, and is/has been kept updated, but for some reason was turned off. i'm the only person that touches that machine. if a customer needs internet access, i let them use the machine i'm typing on right now...or if they;re someone i've dealt with before, i give them the password for the wireless network.

 i've been lax in scanning, and maintaining my system, so i guess it's kinda my own fault.

 i tend to turn the office computer off every night, so i'm gonna set it up to scan mid day every 2 or 3 days, at a time i'm most likely top be out in the shop working.

 i hate when i do something stupid like this........

[gyrene81]

That antivirus 2010 thing is a massive pile of viruses stacked into one self installing junkpile...if malwarebytes can't remove everything it stuck on your system, system reload time. I'd be surprised if your system32 directory doesn't get horked up.

It's nothing you could have prevented unless you had noscript installed on firefox...or Spybot Search and Destroy with tea timer active.

[1Boner]

Usually if you get a pop-up stating that "your system is infected" or something, the pop-up is the "door" to the virus.

DO NOT click anything on the pop-up.

Don't hit "cancel" or "no" do not click on anything!

Just reach down and manually shut the computer off.

The moment you click on the pop-up "warning" its all over.

[Saxman]

Be careful shutting down. A lot of times these virus don't kick in until the system reboots. And yes, that includes if you hard shut down.

If it were IE, I'd say to make sure the rogue didn't set any sort of Proxy in the browser (some of them do that) but I don't think Firefox does that.

[1701E]

Don't feel bad Cap, it darn near got me just now.

Went to my squad page and it re-directed to something that popped up saying "You need ------ 2009" (can't remember the exact name), got up and reset the computer without hitting anything, no problems so far, running PCTools scans for anything.

[CAP1]

FINALLY back online with the office machine. got to the point where superantispyware, malewarebytes, and symantec found nothing.
 the lsp fixer thingie found two things, that it removed, and had to add back 11 things.


 as i type this, spybot search and destroy is running...and it's found win32agent.pz, and win32agent.chh

 sheesh..........

oo......i guess this is me getting lax too.......windoze firewall was off(i generally leaveit on), as was spybots teatimer, and symantec. i never turned any of them off, but they all were.

 thanks guys!!

[DREDIOCK]

First run Malwarebytes anti Maleware

http://www.malwarebytes.org/

Then get rid of Nortons and install NOD32

http://www.eset.com/download/

Then for Firefox install the "Noscript" add-on

https://addons.mozilla.org/en-US/firefox/addon/722

[Denholm]

FINALLY back online with the office machine. got to the point where superantispyware, malewarebytes, and symantec found nothing.
 the lsp fixer thingie found two things, that it removed, and had to add back 11 things.


 as i type this, spybot search and destroy is running...and it's found win32agent.pz, and win32agent.chh

 sheesh..........

oo......i guess this is me getting lax too.......windoze firewall was off(i generally leaveit on), as was spybots teatimer, and symantec. i never turned any of them off, but they all were.

 thanks guys!!

Sounds great! As Drediock mentioned, swap Norton for ESET NOD32 (or Smart Security).

[CAP1]

Sounds great! As Drediock mentioned, swap Norton for ESET NOD32 (or Smart Security).

that brings me to a question.

i'm at home now...just got here. running malewarebytes, and superantispywayr as i type this.

 i had a trial version of eset on this computer, but it's been close to a year since i had that. how do i upgrade it now, as the password that i saved(and forgot) has expired.

 also, this machine has vista.....and the windows defender? is on. what's your opinion on that? i'm paranoid now, as i don't want that crap happening here.....


thanks again all of yas!

john

[Denholm]

I'd just go to ESET's ordering page and buy one of their license packs. They're running a special right now for 25% off. Most here will recommend ESET Smart Security. However, it's up to you since the only difference between Smart Security and NOD32 is the loss of the anti-spam and firewall modules.

When you buy the product you can either insert the registration code into your current installation of ESET. Or you can uninstall your current installation of ESET, download the one provided in the registration e-mail, then install ESET. Depending on which version of the software you currently have, I'd opt for the second method.

[MrRiplEy[H]]

i hate when i do something stupid like this........

If it's a task critical computer do not wait, FORMAT and reinstall. Then install a good antivirus and firefox with noscript addon. Do not use the computer for anything else except work related tasks. Do not visit UBB's, video or picture sites etc.

But first of all, FORMAT. You're risking your whole business by continuing to use a compromised system.

Your box may be already DNS poisoned so your banking site is replaced with a criminal copy - they'll empty your account while you pay your bills.