06-01-2011 10:43 AM - edited 06-01-2011 10:45 AM
I've been having a lot of pop up windows from a program called Win 7 Anti-Virus 2011, a program that I did not install and follows the usual "rogue antivirus" pattern of telling me my computer is infected, showing perfectly legitimate files as threats, and telling me that, as it is the only piece of software strong enough to deal with these threats, I should promptly register it and give all my personal information to them.
Anyway, I ran a standard full-system scan, got nothing but tracking cookies, and figured that good ol' Norton 360 wasn't quite up to the task. I followed the "still having issues?" links and downloaded Norton Power Eraser. The problem is, I can't seem to connect to the server. I know that the server is hardly the most reliable on earth, but I'm worried that, due to the fact that I have a fairly obvious piece of ingrained malware, it might be blocking my attempts to access the server (if that's doable... I've heard that some programs can interfere). I have been trying for two days now and can't seem to get on. My question is: should I allow more time for it to try and connect, or is there something else I should do to get it working.
As for my system specs:
I'm running Windows 7 professional 64-bit on a partitioned Mac laptop with Norton 360. I can't seem to check the version number for N360 at the moment as my computer is in safe mode (trying to run NPE...), but it was the most recent version as of last week. I had no trouble getting into support sites/forums to learn about my problem.
Any help you have would be appreciated. I'll keep checking back here when I can, tell me if you need any more specs/information.
06-01-2011 07:35 PM
Yes, this malware is able to block access to websites in order to prevent the user from obtaining removal help. See the writeup here (if you can get there):
06-02-2011 11:01 AM
I followed the steps, but I keep getting a blue screen of death during the scan... I also can't seem to boot out of safe mode if that affects it. Unfortunately, I can't seem to catch the message on the Blue Screen. Any advice?
06-04-2011 07:57 AM - edited 06-04-2011 08:04 AM
Moxy, you can try Symantec newest recovery tool. NBRT Beta. It has the same NBRT components like retail one but also has a capability to download Norton Power Eraser Beta which can scan inactive systems. Try to use it.
1. Download this tool from here: http://security.norton.com/nbrt/nbrt.aspx?env=beta and install it on clean PC.
2. Follow the instructions "How to create rescue media using NBRT.
3. Use the Norton Beta key which you can obtain simply by registering NIS/NAV 2012 Beta.
4. Boot from the rescue media and try to run NPE.
5. If you will not be able to connect to the Internet but the network driver will be on - try to do the following steps:
Open NBRT command prompt and type:
(if you are using dhcp capabilities of your internet router)
netsh interface ip set address name="Local Area Connection" source=dhcp
also you need to set dns server
netsh interface ip set dnsservers name="Local Area Connection" source=dhcp
(if you are using static ip for your internet connection*)
netsh interface ip set address name="Local Area Connection" static 192.168.1.1 255.255.255.0 192.168.1.254 1
also you need to set dns server
netsh interface ip set dnsservers "Local Area Connection" static 192.168.1.254 primary
For static binding
NOTE (IP addresses 192.168.1.1, 192.168.1.254, subnet mask(255.255.255.0) - are only examples. You need to enter right ip address for your computer, default gateway, primary dns and also the right subnet mask).