Solved

CA ETRUST 8.1 REMOVED SMART ENGINE VIRUS

Posted on 2010-11-10
5
705 Views
Last Modified: 2012-05-10
THE INFECTED FILES WERE SENT TO CA AND THE FIX WAS INCLUDED IN THE RECENT xx60 VIRUS UPDATE OVER THE WEEKEND.
AT FIRST THE MACHINE WOULD NOT ACCESS THE INTERNET THROUGH THE BROWSER BUT IT WILL NOW.
BUT IF YOU TRY MAIL.RUSSGARRETT.COM OR MAIL.EASTERNMEDEYE.COM IT WILL NOT WORK AND GOOGLE COMES UP IN GERMAN.  THESE DOMAINS ARE GOOGLE ACCOUNTS.
CA SAID TO TRY ARTICLE ID:813444 BUT IT DID NOT WORK?
CNN.COM AND OTHER SITES ARE OK. CHROME GIVES A SSL ERROR.
OTHER MACHINES ACCESS THESE SITES FINE.
HELP.
0
Comment
Question by:russgarrett
  • 2
  • 2
5 Comments
 
LVL 22

Accepted Solution

by:
optoma earned 500 total points
Comment Utility
Run these other scanners in order as well as CA may have missed something
TdssKiller, Hitmanpro. Malwarebytes(quick scan option)
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro
http://www.malwarebytes.org/mbam-download.php
0
 
LVL 47

Expert Comment

by:rpggamergirl
Comment Utility
Check this guide on how to uninstall smart Engine virus.
http://www.bleepingcomputer.com/virus-removal/remove-smart-engine

First you need to run RKill to stop the rogue process, then run Malwabytes to remove the virus.
http://download.bleepingcomputer.com/grinler/rkill.com

If the problem persists, which means other nasties may also be present, then also try ComboFix and attach the logfile.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
 
 
0
 

Author Comment

by:russgarrett
Comment Utility
THE VIRUS NOW SEEMS TO BE GONE.
THE PROBLEM NOW IS ACCESSING SSL SITES WITH IE8  OR CHROME.

CNN.COM WORKS.
0
 
LVL 47

Expert Comment

by:rpggamergirl
Comment Utility
You could post the logs of the scanners you used, ti might help.

If there are any bogus files on the desktop also delete them.
Check out this link, scroll down pass the scanners and try those steps.

Internet Explorer Cannot Connect to Secure Sites
http://www.duxcw.com/faq/win/xp/secure.htm
 
Also try re-registering these dlls.

Click Start > Run > type or copy and paste each command, clicking OK each time.

regsvr32 softpub.dll
regsvr32 wintrust.dll
regsvr32 initpki.dll
regsvr32 dssenh.dll
regsvr32 rsaenh.dll
regsvr32 gpkcsp.dll
regsvr32 sccbase.dll
regsvr32 slbcsp.dll
regsvr32 cryptdlg.dll
0
 

Author Comment

by:russgarrett
Comment Utility
thanks.

problem solved.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

INTRODUCTION "Virut" is a nasty, polymorphic file infector, and it infects every executable and screensaver file on access.  Some variant also infects .htm, html, .rar and .zip archives, and latest variants infects php and asp.  It patches system…
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now