Posted 03 August 2008 - 08:32 PM
I've been trying to figure this out and it's driving me crazy.
A few months ago (system's been off the network since until right now) I went to make an online purchase, and after entering my credit card info, a "verified by visa" box popped up.
I hit proceed without putting info in and it kept coming up, I hit the X and it went away.
I had heard of verified by visa, but wasn't confident about it.
I got sidetracked and forgot about it, thinking it may have been real.
I went to go to 401k.com and wasn't sure of my password, and entered it and thought maybe I put it in wrong - in fact was pretty sure I did. Up came the next page asking for all sorts of my info. I checked the URL, it was real. Checked all sorts of things, hosts file, nothing odd. Like an ID10T I entered info. Then up came the warning page saying I was infected from 401k.com. I wanted to kick myself SO hard.
Anyhow, no flames about that please. I've been beating myself up badly enough. After the shock wore off I pulled the network cable, but knew it was too late.
I have been searching using all sorts of tools, searching online for ideas about it, and can find nothing.
Avira, Symantec, Trend, Kaspersky, all found NOTHING.
I desperately would prefer not to have to rebuild this system, but will if I have to. I DO have my data backed up, but finding where what is on all the CDs will take a lot of time I don't have extra of, so....
So - Help please? Thanks, I really appreciate it!