Solved

"Extra antivirus" killed acces to gmail and igoogle

Posted on 2009-05-06
3
456 Views
Last Modified: 2013-12-08
My daughter's laptop got infected with "extra antivirus".  StopZilla removed it, but she can't access either gmail or igoogle with IE of Firefox.  Any suggestions?
0
Comment
Question by:ericallanoberg
3 Comments
 
LVL 2

Expert Comment

by:FatManc
ID: 24320370
Hi,
 
Thanks for posting to Experts Exchange.
 
The first thing you must do is download the following malware scanner
 
MalwareBytes Anti-Malware (MBAM)  http://www.malwarebytes.org 
 
Also download the following to your desktop but dont run it.
 
ComboFix  http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
 
Another useful tool is:
 
HiJack This - http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html 
 
Download all three products above to your desktop and follow the instructions below.
 
MBAM Instructions
Firstly install MBAM, allow it to update if necessary and select Quick Scan. Let it do its thing and then if anything is found at the end, choose the remove selected option. The machine may ask to be rebooted, do this and then re-run the scanner to see if all has been removed.
 
If all has been removed but youre still have problems then ComboFix is your friend.
 
ComboFix Instructions
Disable all your AV products and close all open windows and then double-click on the ComboFix icon on your desktop.
Accept the defaults at any prompts.
A blue screen will appear and you may lose your desktop. This is normal.
It can take up to 20 mins for the software to run. DO NOT RUN ANYTHING whilst its going through.
Once the log file is displayed on the screen close it down and then re-run MBAM.
 
If all looks clear then download a reliable AV product such as AVG, Kaspersky or Avast! They are all free and can be found via Google. Get the lastest update for it and allow it to do a scan. It should come back clear.
 
If youve followed all this and still havent had any success then run HiJack This in Save Logfile mode. Copy and paste the logfile in to this message and well take a look.
 
Thanks
John
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24320566
Smitfraudfix takes care of Extra antivirus,  so I would suggest using it first.

Sometimes there will be other nasties present in the system as well so if you're still having problem afterwards, you can then run other scanners like Combofix or MalwareByts as already suggested.

Please download SmitfraudFix, and select Option 2. Clean (Safe mode recommended)
http://siri.geekstogo.com/SmitfraudFix.php 

Please download SmitfraudFix:
http://siri.geekstogo.com/SmitfraudFix.php
Extract the content (a folder named SmitfraudFix) to your Desktop.
Next, please reboot your computer in Safe Mode by rebooting the computer,
and repeatedly tapping the F8 key as the pc starts. Choose "Safe Mode" from
the options listed.
 
Once in Safe Mode, open the SmitfraudFix folder again and double-click
smitfraudfix.cmd
 
Select option #2 - Clean by typing 2 and press "Enter" to delete infected
files.
 
You will be prompted : "Registry cleaning - Do you want to clean the
registry?" answer "Yes" by typing Y and press "Enter" in order to remove
the Desktop background and clean registry keys associated with the
infection.
 
The tool will now check if wininet.dll is infected. You may be prompted to
replace the infected file (if found); answer "Yes" by typing Y and press
"Enter".
 
The tool may need to restart your computer to finish the cleaning process;
if it doesn't, please restart it into Normal Windows.
0
 
LVL 1

Accepted Solution

by:
sidorak95 earned 500 total points
ID: 24332125
You may want to check your hosts files. Go to Start>My Computer>C:>WINDOWS>system32>drivers>etc>hosts
If it asks you what software to use, select notepad. You can ignore the lines that start and end with #. The only other line that should be there is :
127.0.0.1  localhost
If you find something else, delete it and save. If it says "Access Denied", go back to the hosts folder, right click hosts, and click Properties. Uncheck read-only. Than save.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had to do a bit of research to find the answer to this question so I thought I'd share my results.  Due to our outdated mainframe systems, we need to downgrade IE9 to IE8 in order to stay compatible.  We also needed to downgrade Java.  In order to…
Introduction If you're like most people, you have occasionally made a typographical error when you're entering information into an online form.  And to your consternation, the browser remembers the error, and offers to autocomplete your future entr…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now