Major problem updating Smart Security

Hi Everyone,

Just wondering if anyone can give me a hint on what is wrong here with this PC.

It's my friends computer and she asked me to take a look at it 'cos she's been having a few problems with it. I highly suspect a virus.

Firstly, the PC had ESET Smart Security 3 on it, when I checked it, the update program hadn't updated since March, yet it was telling me it's totally up to date and that the updates have never been run.

I go on the internet and it shows me that it's not up to date (hardly thought so), but no matter how many times I click the update button it just wont do anything.

I also downloaded and put on AVG Antivirus (ok it is rubbish, but it's probably more likely to find something than a 6 month old version of ESET). Nothing.

Then I notice something strange has happened to the internet - at first everything started redirecting itself to Microsoft (so if I put in Google.co.uk I'd get www.microsoft.com). Then shortly after that everything starts redirecting to Google.

I presume the virus is redirecting all internet traffic, and therefore the updates that I'm getting are probably not the right updates and are useless.

In addition to this WLAN Wireless config has been disabled on the computer (this is why my friend asked me to look at her PC as she could no longer get on the internet through wireless). Even when I enabled WLAN config all the Wireless points aren't there, if I try Connect To.. or even Add wireless point from "Manage my Wireless connections" I get nothing - nothing loads, the PC does nothing. I can get wired internet but no wireless. The only way I could get it to add a wireless profile is to use NETSH in command prompt to add it.

I also considered that maybe this virus is intercepting the updates and that is why ESET isn't updating or maybe it's corrupted ESET. So I tried re-installing ESET (and brought it up to ESET V4). It installs fine, but again can't seem to activate updates.

Last chance I thought I know I'll try with a Linux rescue CD and download the most recent updates, so I used both F-Secure rescue CD, downloaded from a virus free computer and burnt to a disc, and also Kaspersky. F-Secure took about 4 hours scanning and nothing (except a few tracking cookies which don't count). Kaspersky took 11 hours scanning and also nothing.

I also tried doing system restore to remove it, but something has decided to wipe out all restore points - even the ones where I'd re-installed ESET (hmmm... no surprises there!). I did check whether or not system restore was active, and it was.

I've looked through the running processes to see if there is anything that looks suspicious in there, there was only one file which is a security banking program that can carry a worm, however I've disabled that, and also scanned it with all the antivirus programs and they haven't detected anything.

Anyone any ideas, my last resort is to re-install Vista, which is something I really don't want to do as she has over 50Gb of video files she wants to keep (although as the videos are from file sharing the virus is probably somewhere in there).

 

Hello,

Ok, download the programs MalwareBytes Anti-Malware, check if you can update it, if you can please update it, and run a full scan of the pc.

Then, download the program SUPERAntiSpyware Free, also check if you can update it too and run a full scan of the pc.

After that let me know the results

Good Luck

 

Thanks for the advice,

Not seen Super Anti-spyware before.

All it found was 23 tracking cookies from the following domains:-

ads.ookla
adsby.webtraffic
stats.channel4
virginmedia
virginmedia
www.virginmedia
www.rt-finds
serving-sys
specificclick
advertising
azjmp
toplist.bitcomet
myonlineaccounts3.abbeynational.co
stats.channel4
channel4.112.2o7
windowsmedia
revsci
cpvfeed
atdmt
bs.serving-sys
stat.onestat
doubleclick
www.nusextra.co

I think the virus appears to have gone, but the damage it has done to the system files seems to be unreversable without a re-installation.

 

Hello,

Tracking cookies are potentially a privacy issue but they do not pose the same type of risk as malicious code.

What you might want to do at this point is contact ESET and see if their support engineers can determine why updates cannot be downloaded. ESET provides a diagnostic utility called ESET SysInspector which gathers information about a system and can be used to help identify malware. Using that to generate a log file might be helpful in identifying what is occuring on the computer.

You can download a copy of ESET SysInspector from ESET, create a log file and mail it to support@eset.sk for analysis by a support engineer. Be sure to include a link to this message thread, so they will have some idea of the background.

Regards,

Aryeh Goretsky

 

Thanks for everyones help, solved the problem now - backed everything up, wiped the computer and re-installed Vista. Now everything is working fine.

Just got to put everything back on the computer now!