Ok. I have done 2 days of reading, and have tried everything I can think of and was suggested to remove this thing.
First of all how was I infected. I had a copy of NIS 2009. It was expired and I thought I would try "Microsoft Security Essentials" for a bit:
1- I installed it (Security Essentials that is)
2- It was up to date
3- It seemed to work good for a month or so ... and
4- I was browsing the website syfy.com [The SciFI channel website] yesterday [5/2/2010] using internet exploder 8 (I never install flash on Firefox) when I was suddenly infected with this virus. It was not one payload. It was three.
I tried to remove it using the Micro$oft product; but, no luck.
So I installed my copy of Norton Internet Security 2010 and made sure I updated EVERYTHING. Yes, I already had a copy but I was trying out the stupid MS-SE mentioned above.
I scanned for the virus and Norton Internet Security 2010 failed miserably!!!! It would read something like 5040 files and then STOP. One CPU would fluctuate between 50-70% and the other CPU (the so-called Norton one) would fluctuate between 30-35%, but the file reading stopped at that point. I waited some 30 minutes and tried the second suggestion which was:
1- Turn off system restore (I had done this ages ago; but, I decided to look anyway, and ....)
A FAKE C: drive had been created. It was called C:(NOT Detected) or some other moronic name like it. The real "C" drive was listed above it as it should have been. So I unclicked the fake drive and it disappeared.
2- Reboot in "SAFE MODE" which I did
3- Do a full scan.
The Scan ran all night. In the morning I saw three viruses. Not sure what they were. I assumed that the problem was solved. I rebooted and DAMMIT, 30 seconds later the Norton auto-protect feature told me that it detected Trojan.FakeAV.
I am not sure what generation this thing is. It has the ability to stop Norton from scanning it. I already ran a scan in "safe mode", not sure what is left to do.
I know certain information in my post is vague. I am currently running "Trinity Rescue Kit" with ClamAV on my laptop right now. It has been running for 5 hours now (since this morning after Norton Internet Security 2010 blew it.)
Trinity is a long shot. I will update my post after it is done (hopefully today) with more detailed information. If you guys can think of anything off the top of your head .... then please help, otherwise please stand by for more info .....
Ben.
[edit: Please do not link to potentially dangerous websites per the Participation Guidelines and Terms of Service.]