I have been getting a lot of fake trojans and fakeav. Alot of the spyware is marked removed but the viruses are only blocked I have run norton and I am to date on live update. I have run spyware doctor it just keeps finding and removing the same things and so does malewarbytes . here is a list of the ones that are not going away.
Adware.lop blocked several times
Trojan.FakeAV blocked many times
tried running Hijackthis but The option to run as admin is not there so it is denied access
and im running malwarebyts to get the log file to post not sure what to do about hijackthis
Can you boot into SAFE mode and run Norton from there?
Otherwise I believe that turning off System Restore my stop malware from being reinstalled but wait for someone more knowledgable to help about that one.
But if you can boot into SAFE Mode which usually involves pressing a specific KEY while booting up and which depends on your computer so check your instructions.
I can do either. and safe mode is F8 when booting on mine but turning off restore was first thing i did when the problem presented itself. Should I go run Norton in SAFE. It finds everything but only blocks the high risk. and it comes right back. But if you think it would be better in safe mode I can do that.
OH I though I should also mention my windows mail errors out and i Cant receive my mail at the moment either so this is getting out of hand it all started yesterday.
I'd like to suggest that you run the NBRT (Norton Bootable recovery tool). This tool has the same scanning engine as NIS but because it is run in an off-line mode it has a better chance of proper detection.
Please see instructions on how to create the CD from here.
When you boot to the NBRT, pay careful attention to whether the tool is able to download new definitions, the date of last definitions will be noted at the bottom of the screen.
If this date does not change then you will need to create a Custom NBRT containing your network drivers. The reference link I posted also includes instructions on this.
Note: If possible download this tool and create the NBRT from a non-infected computer.
Not sure if this will help was able to run Hijackthis But i expected more it scanned and finished in like 5 seconds and posted this log
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:58:15 PM, on 7/13/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal
I only found instructions on how to update NBRT does not say how to put it on disk its only a .exe file not in image file such as ISO or anything.
Hi Jerry015,
At the link I posted there are two links within the document itself. One is a link to a PDF document which then contains a link for downloading the ISO, from which you can create the initial NBRT CD. The link for NIS ISO is:
I would recommend burning the CD initially with this. Once you boot to your NBRT, and try to do a scan it will attempt to download new virus definitions from the Internet. Just notice the date at the bottom of the screen and make sure it updates to today's date. If it still retains a date of (I believe) October 2009 or some other past date, it would be an indication that you need custom network drivers to access the Internet from the NBRT. This is when you would need a Custom NBRT containing your specific network card drivers.
The PDF document linked also contains information about how to burn the ISO to CD if you don't already have such an application.
You might be interested to know that a new NBRT is in BETA now and will make this process MUCH easier. It is a fully self-contained package which will do everything for you. I expect this new version of NBRT to be released at probably around the same time as NIS 2011, sometime this fall.
Hope this helps and please let us know if you have any problems creating the NBRT CD.
I see indications from the log you just posted that you also have Spyware Doctor. I would recommend removing this as it will not play nicely with NIS. Did you have Spyware Doctor installed when you first installed NIS?
Do you have any other security (anti-virus, etc) software installed?
I installed spyware doctor yesterday i was trying everything to make it stop. Normally the only things i use is Malwarbytes and NIS . I am running 64 bit windows Vista Home Premium
I installed spyware doctor yesterday i was trying everything to make it stop. Normally the only things i use is Malwarbytes and NIS . I am running 64 bit windows Vista Home Premium
Hi Jerry015,
Thanks very much for the update. I understand where you are coming from. I think we can probably deal with getting rid of Spyware Doctor a bit later one but let's not lose sight of this.
Let's see if you are able to burn the NBRT ISO image to create the CD and try to do an offline scan. Have you tried to burn the CD yet?
I have also asked a colleague to take a second look at the HijackThis log.
I looked at your HiJackThis log and you have some very serious infections. If you still have problems with the NBRT, I would suggest a look at www.bleepingcomputer.com . You have a double trojan running and the longer you stay on the net the worse it will get.
Thanks for taking a second look at the log. And I whole heartedly agree if there are problems getting the NBRT going, then BleepingComputer is the absolute best alternative.
If you have trouble getting the NBRT going you should go to BleepingComputer as mentioned by Dbrisendine as the most important thing is getting rid of your infections.
If you do open a ticket with them be sure to include a copy of HijackThis as I am sure they will want to see this. Also be aware that once you ask for their assistance they have very strict rules that you cannot continue asking for help elsewhere. They do this because they don't want to run the risk of you getting any other advice which can make their already difficult job, even more difficult.
But whether you use the NBRT or go to BleepingComputer please be sure to keep us advised of the status.
Once your infections are clean we can further assist you in getting things related to NIS, etc back to normal.
Until this is cleaned I would highly recommend you keep yourself disconnected from the Internet. Only connect back to the Internet when absolutely necessary until your computer gets a clean bill of health or when the NBRT needs to go online to download new definitions.
Best wishes and please don't waste any time on this.
Hey guys sorry for the delay I have been keeping it disconnected I have been a little busy and it was late when I started this Topic I will run NRBT and then see what happens then I will try bleeping if neede which probably will. Thanks for all the help so far . the Iexplore is really annoying it makes mouse click sound every so often its annoying i keep closing it.
That particular .exe should be connected to the running of Internet Explorer. You should find it in taskmanager. Just check the spelling and location of the file to be sure.
Sorry guys cant get my computer to boot that NBRT or whatever it is. I tried booting from disc and booting from a USB drive. I hit F12 it pulls up boot menu I select my DVD drive and it just goes to windows same with the Flash and even set them up as the first boot device. I formatted the flash drive and everything correctly I dunno why everything is being a pain.
Sorry guys cant get my computer to boot that NBRT or whatever it is. I tried booting from disc and booting from a USB drive. I hit F12 it pulls up boot menu I select my DVD drive and it just goes to windows same with the Flash and even set them up as the first boot device. I formatted the flash drive and everything correctly I dunno why everything is being a pain.
HI Jerry015
Were you able to burn the NBRT .iso image to a CD using something like Roxio CD Creator.