Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Winantivirus trojan.adclicker and infostalker plus popups


  • Please log in to reply

#1
gdaybye

gdaybye

    New Member

  • Member
  • Pip
  • 2 posts
I have done all the "before you post" stuff.
Nortons antivirus (resident and up to date) is not much use here.
The system is in french, that slows me down a chunk.
Drivecleaner was also on here earlier and could be still around
On startup a popup appear "Page not available offline"
If you try to close it 2 or 3 times Nortons finds the trojans and infostalker. Same thing every time.
Then as time goes on the system gets slower until it crawls.
It was loading an IExplore process so I uninstalled IExplore (sort of). That didn`t fool it for long.
When she cannot work any longer I have told her (over the phone) to close the firefox process (CPU~90) using task manager. Then she can work for a time.

Compu is PIV3.0Gb HP with 512 Ram WinXP Home with SP2.
Noted HP had some issues with SP2

Randomly a web page opens trying to get to 202.67.220.227

When I went to safemode I had no screen and no icons.
I ran antispyware via taskmanager (painful but it works).
It found 130 cookies and 6 other things.
Panda found 2 viruses 16 spyware, 4 hacks and 1 dialer
Nortons found NOTHING hmmmmmm
As I don`t live here I tried at least removing cookies in firefox.
Needles to say after a reboot the !$%&* still doesn`t work.

This is my third visit of some duration.

I have on diskette text from combofix, antispyware, Panda and HJT.
I live 20 miles from here but await any reply.

Owner does a lot of web based research, could be a job to get all her work off of the HDD and use the restore partition but that is coming soon.

What a mess. Aaaaaahhhhhhhhhhhh!!! Thanks in advance for any help. I`m going home now bye
  • 0

Advertisements


#2
gdaybye

gdaybye

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

I have done all the "before you post" stuff.
Nortons antivirus (resident and up to date) is not much use here.
The system is in french, that slows me down a chunk.
Drivecleaner was also on here earlier and could be still around
On startup a popup appear "Page not available offline"
If you try to close it 2 or 3 times Nortons finds the trojans and infostalker. Same thing every time.
Then as time goes on the system gets slower until it crawls.
It was loading an IExplore process so I uninstalled IExplore (sort of). That didn`t fool it for long.
When she cannot work any longer I have told her (over the phone) to close the firefox process (CPU~90) using task manager. Then she can work for a time.

Compu is PIV3.0Gb HP with 512 Ram WinXP Home with SP2.
Noted HP had some issues with SP2

Randomly a web page opens trying to get to 202.67.220.227

When I went to safemode I had no screen and no icons.
I ran antispyware via taskmanager (painful but it works).
It found 130 cookies and 6 other things.
Panda found 2 viruses 16 spyware, 4 hacks and 1 dialer
Nortons found NOTHING hmmmmmm
As I don`t live here I tried at least removing cookies in firefox.
Needles to say after a reboot the !$%&* still doesn`t work.

This is my third visit of some duration.

I have on diskette text from combofix, antispyware, Panda and HJT.
I live 20 miles from here but await any reply.

Owner does a lot of web based research, could be a job to get all her work off of the HDD and use the restore partition but that is coming soon.

What a mess. Aaaaaahhhhhhhhhhhh!!! Thanks in advance for any help. I`m going home now bye


Well I finally found an appropriate post that finished the job by starting with downloading and running a vundo file.
That got rid of the winantiviruspro popups. After that I redid all the other (before you post) stuff and it came out fairly clean.
"no screen in safemode" I fixed that by dropping the screen resolution before rebooting, what a relief, I actually thought that the lack of the screen was part of the problem.

I believe this work suggests that the winantivirus selectively succeeds at defeating nortons antivirus software.
Is the vundo routine something written up by your members?
Thanks for having a great set of procedures that work. You can close this post if you like. I don't know how
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP