Hi everyone hope you can help me
So the last couple of days i have had trouble with my hotmail. It hasn't been load straight away, refreshing and forwarding and backing the page seemed to fix it. Thought it had something to do with msn or something. Anway, went to check my online banking today, did a similar thing, page wouldn't take me to my 'memorable info' unless i refreshed. When i get there the drop down options for 3 seperate characters are not there and the page asked me for the info in full, so i think it is just a random change the bank had done to keep me on my toes. I put the info in and it then ask me in 3 block red letters 3 now add the 1,3, 6 characters. i did this but my system won't take me any further as i know it knows it is a risk. I swiftly got on my ipod to change my passwords just to make sure.
So i scan with mcafee, and even use windows malware removal tool, neither can find the problem.
Is there anything i can do? It seems like a virus to me. A very clever one at that. i've searched for the zeus file names and nothing seems to come up. Ive paid my subscription for mcafee and damned if i am going to pay them another 50 pounds for someone to removed it! i simply can't afford it
Message was edited by: Larduser on 10/02/11 15:39:53 CSTMessage was edited by: Larduser on 10/02/11 15:44:32 CST
What browser are you using?
Also have you tried clearing your cache?
I await your reply.
I'm using the latest version of firefox. But it does the same on explorer. I have cleared the cache, but maybe not correctly, i will try again, but it's a bit hard to test because i don't want to put my info in . I'll see what happens. Actually explorer now seems to close down via Data Execution Prevention.Message was edited by: Larduser on 10/02/11 15:56:54 CST
so ive clear again, and entered my password on the banking page, the page just sits there and won't load as before. if i refresh or go back and forward it will take me to the screen which the bank has told me is a fraudulent page which i am not going to do, as i know that it will defo take me there
, oh darn i hate thisMessage was edited by: Larduser on 10/02/11 16:03:57 CST
Please do the following;
Boot the computer up into Safe mode, by pressing F8 continously from the start up.
Pick Safe Mode with Networking.
Update McAfee then run a full scan, then please go to Malwarebytes.org and then to SuperAntiSpyware.com And download the free versions of this tools.
Please update Malwarebytes and run a quick scan.
After that please report back.
Also, please go, Start > Computer > System Properties and please tell me how much RAM you have.
Message was edited by: ConorD62 on 10/02/11 16:44:00 CST
ok conor, will give it a go. i have 2 gb of ram.
Well sir, mcafee still failed to show the threats but a quick scan with the malwarebytes software in safe mode showed 5 viruses. These being a few of them :
Trojan.Fraudpack, Rogue.AntivirusSuite, Trojan.ZbotR.Gen,
Now my email and banking work exaclty how they should so job done thank so much for the help. Theses trojans are scariest i have had myself. the only vague warning i had was the other day mcafee had a warning for scanning turned off. But why didn't it detect them? I've found mcafee pretty reliable over the last 2 1/2 years that i have be subscribing but now i thinking is my computer really safe?
on 10/02/11 17:48:14 CSTMessage was edited by: Larduser on 10/02/11 17:49:09 CST
No Anti Virus is 100 percent perfect, which is why you should have a backup such as Malwarebytes.
The Scanning off might have been corrupted by the trojans.
Also one is called fraud, I think you should change any information you have entered on the computer.
ok thanks alot.
I did a search on the virus list on the mcafee database and they have no record of these trojans so maybe that is why they got through?
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: