I'm a long time McAfee user, as well as Malwarebytes.
I seem to have a problem which is rare. I use Firefox only.
On one user ID only in Vista I am getting popups that all say internet explorer provided by Dell at the end of them.
one of them says (111211url.cptgt.com internet explorer powered by Dell).
also there seems to be a radio broadcast playing in the background even when I close the browser.
Couple of times I have closed the browser and it opens back up to one of these things that says windows anti phishing ....which I think is a false thing.
Yesterday It was bad I ran McAfee full scan and it coufght and quarantined one virus, and all seemed well.
Today the pop ups and phantom radio voice in the background even when Firfox is closed down and only desktop is showing.
Can anyone help to get rid of this whatever it is???? McAfee and Malwarebytes were updated before the scans.
The same thing just happened to me the other day. I've got the latest McAfee SecurityCenter running, but it says there's no infection.
Since I know something is fishy, I tried using a bunch of other AV software...Microsoft's Security Essentials and Spybot Search and Destroy both said I was fine too.
When I used Norton's free PC checkup, however, it says there's four viruses on my system...but it won't tell me what they are without paying 100 bucks to have them clean it for me...thanks for nothing Digging around a little, I found a log file from the free checker that says I have "Trojan.Gen.2" and "Trojan Horse". Apparently, both are .dll files that are sitting in my appdata/local/temp directory and called by registry entries.
I'm more then a little concerned that McAfee didn't find these virus/trojans though
Seems same type or trojan. This appears very new so will ask around at tomorrow's mod meeting but first try what I posted here .The getsup suggestion is a big possibility and you get a reply fast. It also feeds Mcafee AV filesit picksup to add to their detection dat files.
Thanks! I'll look into the tools you suggested. Not sure what good my log files would be now though, as I've been slowly, manually hacking away anything I realize as infected.
I can tell you exactly how I got infected though. It was via Facebook. All I did was look at a friend's wall post and suddenly all hell broke loose. It was a drive-by download that first presented as Vundo and evolved from there....
jmeessem..........that is exactly what happened to me only in Myspace...........the exact same thing.
Those social networks are being targeted.........it happened Sunday morning Dec 12 to me.
I wonde if this is going to be a huge problem.......meaning many many people.
I have the same problem. I have made sure that Mcafee is up to date and I have run a full scan but the scan does not detect anything. I then ran Malwarebytes Anti-Malware and it detected Registery Values Infected:
Hkey_Current_User\Software\Microsoft\Windows NT\CurrentVersion\winlogon\Shell (Trojan.Agent)
Also Files Infected:
c:\users\administrator\Appdata\Roaming\microsoft\windows\start menu\Programs\thinkpoint.lnk (Rogue.ThinkPoint)
c:\users\administrator\Appdata\Roaming\agtyjkj.bat (Malware Trace)
Malwarebytes indicated that all of the above was Quarantined and deleted successfully, however whenever I open Internet Explorer the Malware or the Trojan keeps opening up other windows using Internet Explorer which takes me to various websites that say I have won a gift card or something like that. Is this the ThinkPoint Virus or what do you call it?
Why isn't Mcafee protecting my computer from these Trojan or whatever you call them????
It is new there is always a lead time follow the link above and get the getsusp program Vinoo will help you
https://community.mcafee.com/message/163726#163726 go to the getsusp details jion its forum and download and run getsusp.Message was edited by: Peacekeeper on 14/12/10 12:07:42 PM
It appears that a Trojan or Malware has taken control over my pc. I did a control, alt, delete and under Processes I highlighted various programs like iexplore.exe and right-clicked and went into properties, then clicked on the Security tab and it lists TrustedInstaller as one of the users and it has Full Control, Modify as well as Read & Write permissions. When I log in I only have Read & Write permissions. Is there anyway to remove this TrustedInstaller so I can get back control of my pc???? I think that is why I can't get rid of this damm virus.