[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

"Extra antivirus" killed acces to gmail and igoogle

Posted on 2009-05-06
3
Medium Priority
?
496 Views
Last Modified: 2013-12-08
My daughter's laptop got infected with "extra antivirus".  StopZilla removed it, but she can't access either gmail or igoogle with IE of Firefox.  Any suggestions?
0
Comment
Question by:ericallanoberg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 2

Expert Comment

by:FatManc
ID: 24320370
Hi,
 
Thanks for posting to Experts Exchange.
 
The first thing you must do is download the following malware scanner
 
MalwareBytes Anti-Malware (MBAM)  http://www.malwarebytes.org 
 
Also download the following to your desktop but dont run it.
 
ComboFix  http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
 
Another useful tool is:
 
HiJack This - http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html 
 
Download all three products above to your desktop and follow the instructions below.
 
MBAM Instructions
Firstly install MBAM, allow it to update if necessary and select Quick Scan. Let it do its thing and then if anything is found at the end, choose the remove selected option. The machine may ask to be rebooted, do this and then re-run the scanner to see if all has been removed.
 
If all has been removed but youre still have problems then ComboFix is your friend.
 
ComboFix Instructions
Disable all your AV products and close all open windows and then double-click on the ComboFix icon on your desktop.
Accept the defaults at any prompts.
A blue screen will appear and you may lose your desktop. This is normal.
It can take up to 20 mins for the software to run. DO NOT RUN ANYTHING whilst its going through.
Once the log file is displayed on the screen close it down and then re-run MBAM.
 
If all looks clear then download a reliable AV product such as AVG, Kaspersky or Avast! They are all free and can be found via Google. Get the lastest update for it and allow it to do a scan. It should come back clear.
 
If youve followed all this and still havent had any success then run HiJack This in Save Logfile mode. Copy and paste the logfile in to this message and well take a look.
 
Thanks
John
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24320566
Smitfraudfix takes care of Extra antivirus,  so I would suggest using it first.

Sometimes there will be other nasties present in the system as well so if you're still having problem afterwards, you can then run other scanners like Combofix or MalwareByts as already suggested.

Please download SmitfraudFix, and select Option 2. Clean (Safe mode recommended)
http://siri.geekstogo.com/SmitfraudFix.php 

Please download SmitfraudFix:
http://siri.geekstogo.com/SmitfraudFix.php
Extract the content (a folder named SmitfraudFix) to your Desktop.
Next, please reboot your computer in Safe Mode by rebooting the computer,
and repeatedly tapping the F8 key as the pc starts. Choose "Safe Mode" from
the options listed.
 
Once in Safe Mode, open the SmitfraudFix folder again and double-click
smitfraudfix.cmd
 
Select option #2 - Clean by typing 2 and press "Enter" to delete infected
files.
 
You will be prompted : "Registry cleaning - Do you want to clean the
registry?" answer "Yes" by typing Y and press "Enter" in order to remove
the Desktop background and clean registry keys associated with the
infection.
 
The tool will now check if wininet.dll is infected. You may be prompted to
replace the infected file (if found); answer "Yes" by typing Y and press
"Enter".
 
The tool may need to restart your computer to finish the cleaning process;
if it doesn't, please restart it into Normal Windows.
0
 
LVL 1

Accepted Solution

by:
sidorak95 earned 2000 total points
ID: 24332125
You may want to check your hosts files. Go to Start>My Computer>C:>WINDOWS>system32>drivers>etc>hosts
If it asks you what software to use, select notepad. You can ignore the lines that start and end with #. The only other line that should be there is :
127.0.0.1  localhost
If you find something else, delete it and save. If it says "Access Denied", go back to the hosts folder, right click hosts, and click Properties. Uncheck read-only. Than save.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question