Posted 06 August 2010 - 01:08 AM
Thanks for the response. Sounds as though it is quite busy in the Malware forum. Well, I'm going to begin by backing things up first. Then I will start the process you are outlining.
By starting the process that you discussed, if that is able to help and rectify my situation, that would be great. But, if it can't, will that put me in jeopardy or worse off than I am now?
I feel that perhaps a little background info on my situation is in order. Last week, I picked up some fake antivirus program. It was continuously trying to inform me that my computer was infected. I would not click on any of its windows. It must have been preventing me from opening certain webpages and run Spybot, Adaware/Lavasoft, and Inoculate. I did a hard shut down of my computer, started in safe mode, and then ran scans using the three aforementioned anti-malware systems. Besides cookies, none of them found anything. I went out and purchased Norton 360, but was unable to load it in normal mode. This fake antivirus was blocking it. So, I loaded Norton in safe mode with networking (I am not sure on the differences of all the different safe modes), ran it, and it detected and removed Trojan.FakeAV!gen35. Something else was detected by Norton sonar, but I am unable to remember. I thought all was resolved, but after this I was unable to retrieve mail using Windows Live Mail or use IE to run Windows update. So, I used system restore to go to earlier restore point. Things appeared okay, but slower. I removed Inoculate & Ad-aware, and attempted to remove TrendMicro, but was unable to remove Trend b/c it needed something to remove it (I figured I would do later; not a big deal). I removed those programs b/c I thought they were the ones competing with Norton & were slowing my computer, & that I didn't need them anymore since having purchased Norton 360. Besides, Inoculate lapsed & I could no longer get updates. One program I did leave was Spybot.
I know things are not right because ever since restoring the computer to an earlier time, I continuously get notices that Norton has blocked an intrusion attack. The intrusions are from by HTTP Tidserv Request & HTTPS Tidserv Request 2. I have re-run Norton, but nothing besides cookies are detected. My computer appears to relatively normal,
but I am convinced something is on it & is just being blocked by the Norton firewall. So, in a way I am under an umbrella staying slightly dry, but the rain is coming down hard trying to get in & get me wet. The Norton firewall is blocking whatever this is, but it still lurks in the background. I would like to remove it and have the computer back to normal.
Also, not sure if it is related, but every so often I get notices that my "revocation information for the security certificate for this site is not available." I never used to see this message before, and I don't know what it is related to.
To summarize my Norton intrusion prevention log, I see attempts have been made by: HTTP Tidserv Request, HTTPS Tidserv Request 2, HTTP Misleading Application Detection, HTTP Fake Scan Webpage 5.