Do you still have a problem with this?
Hi Hayton, Yes i still have a problem although I may have sorted the virus. it has left my pc in bad way, in terms of folders and admin rights. For instance, I can't change backgrounds and I am locked out of some folders even though I am only profile and therefore shoudl be administrator. Looking at forums it seems as though the virus may have messed with my registry data. Is there anyway to set registry back to new? Or any other way to solve this to ensure thyere is no one else accessing my pc data etc.
It spunds like we've removed the infected file but not repaired the payload fully. Running the new Fake Alert Stinger might help - please could you give it a try and report back?
Also - moving this thread to the Top Threats space
I'm also interested in these fixes. One of these Fake Alert attacks brought in a TDSS.e!RootKit. I 've discussed my case over on that thread.
It may be that things like desktop files are gone in the first attack and just need to be reconstructed piece by piece. I found that search by program name can get to the shortcuts in the progam folders. Then you put the shortcut back on the desktop.
I seemed to have gotten rid of the payload, but not the damage it caused.
Point of housekeeping - I can log on with a machine running IE-8 but not with a new one running the latest IE-9. With that, login from the tool bar gives a looping login screen, i.e. putting name and pass word in the spots and clicking login just gives back the same screen. Everything normal with the IE-8 I'm now logged in from. The IE-8 machine has McAfee Virus Scan installed. The IE-9 machine is running mcAfee site advisor.
Thanks for help so far. I'll probably put the repaired HP machine back on line to get updates soon.
P.S. Have gone back on line with this HP machine and updated Anti virus. Nothing new. Have also run GetSusp, with only three older NVidia files marked suspicious.
Going back tor restoration and cleanup.
Found that making this a trusted site overcame the IE-9 log in looping.