What's new
By:
Filters
ClioSport.net

Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

  • When you purchase through links on our site, we may earn an affiliate commission. Read more here.

Any computer experts out there?



GR7

GR7

  Shiny red R32
A friend of mine said she has got a problem with her internet. Her antivirus ran out a few weeks ago and she said she was too lazy to renew it straight away. In the meantime she upgraded her internet explorer to verson 7 and downloaded some Led Zepellin!! (probably a mistake but its old school stuff you just cant get on cd!!)

Now when she put the 2007 version of Norton AV in today it has started to behave funnily. Her home page always comes up as [URL="http://www.youriesecure.com"]www.youriesecure.com[/URL] (?) and no matter how many times she tries to change it back, it comes back again. She keeps getting security alerts in the bottom right of the screen saying stuff about spyware and has run a full system scan but norton has not found anything. Now getting pop-ups even when the pop-up blocker is on.

Has anyone got any clues what to do to help my friend please?

THANKS
 
Christopher

Christopher

ClioSport Club Member
  Z4M
system restore to before the problems first occured

then install norton again and run a full scan
 
Christopher

Christopher

ClioSport Club Member
  Z4M
lol
on the main toolbar - select acessories

then system tools

then system restore

set a restore point to a time before the attack. ie. last month

then reinstall av and run a FULL scan


that should solve things, if not then you might have to take things further
 
GR7

GR7

  Shiny red R32
I'll pass the message on but if anyone else wants to join in....
I have looked on mine - where's "accessories" on the main toolbar?

Found it... did you mean "Start" (rather than main toolbar) then "Programme" then "Accessories"

Edit: Just got more info........ she says

".... its not freezing ... its doing what it wants!! it blocks pop-ups on some sites but allows them from so called spyware cleaning sites. there is obviously some kind of virus so why wont my norton pick it up?? my pc is fast. it needs to be as i work with big picture files everyday. I keep getting little yellow icons appearing in the task bar that has a box saying system error... download this software now! thanks for your reply though! just had another pop-up box saying trojan-spy.win32@mx"
 
Last edited:
GR7

GR7

  Shiny red R32
HELP!!!! My friend has just said......

".....but system restore wont let me select any dates other than today and it made no changes when i ran it. i also installed norton go back today which is a similar idea but it wont let me restore it to a date previous to today. been at this thing since 11am and on the verge of a nervous breakdown!"
 
MRBILLYUK

MRBILLYUK

ClioSport Club Member
  FF Jeden Osiem Dwa
She could try on the toolbar , tools > internet options > security > restricted sites > sites , then type in www.youriesecure.com .

Also could try deleting her cookies .Toobar again , internet options > delete cookies and delete files .

Sounds like spyware . Get a spyware removal program . I use spyware doctor or spybot
 
Last edited:
GUNN

GUNN

  ZT 1.8T
"Spyware" and "viruses" are different things, she has spyware on her system hence y norton wont pick i up because its not a virus, its not malicious but its annoying. Shes better off buying a spyware detector for a couple of quid, just google a good one they r all pretty much the same.
 
C

Clellandmc

  R26
My Dad had this, there will be a folder along the lines of search something or other in C:\Program files\ just rename the folder, and run a spyware scan in safe mode and all should be ok.

You may want to change the user's account to a limited one, then when they are making administrative change switch to an account which has admin rights.
 
D

djmode

  Renaultsport Clio 172 Ph2
download a program called spybot search&destroy type it into google its free and works really good!
 
The Hoff

The Hoff

  SLK 350
Download Spybot S&D, update it and run a scan, delete what it finds. Then download Ad-ware, update and run that too. Then download a program called Hijack-This, run that and delete what it finds.

Your liable to have some reg key somewhere that also abuses the winodws prefetch system and regenerates itself after you reboot, but try the above and let us know if it works.
 
GR7

GR7

  Shiny red R32
I had this message from my friend (re above)

"..... thanks for the advice. its running a scan just now to try and trace problem. I have tried a few programmes so far and wiped a lot but one is giving me real problems. If all else fails then one of my mates runs sisco systems and is a compuer wizz! he says he will fix it for me if i cant sort it myself.

the one i cant get rid of is one that takes over your homepage and gives you a promt to download somespyware removal nonsense. I have tried several scans now but my homepage still comes up as

http://youriesecure.com/

its driving me mad!!! just got some free software from someone else. will give that a try and see what happens. he says its better than most.. but i have been told half a dozen different ones now and everyone says theirs is the best!! it's driving me MADDDDDD

F U R T H E R * H E L P would be greatly appreciated please guys!!!
 
The Hoff

The Hoff

  SLK 350
Here, follow these instructions:


Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Next, please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt along with a fresh HJT log

For additional help read:
the Engish Tutorial
 
You must log in or register to reply here.

Similar threads

Mazz
Initiale dCi Daily Project (yes, diesel.)
4 5 6
Replies
224
Views
28K
starmagsi
S
FlameR
2004 clio, chugging and broke down
Replies
3
Views
703
FlameR
FlameR
Wobba
Wobba's 'try to keep it sensible this time' Clio 182 FF Cup Diary
2
Replies
43
Views
9K
Wobba
Wobba
C
Facebook virus...
Replies
17
Views
870
conneh
C
B
1996 1.2 Clio - The Beagle Saga
Replies
21
Views
9K
bncrew
B


Top