trojan-spy.win32 green screen

[cathyrees]

I keep getting warning messages for "trojan-spy.win32 green screen" I know this is a rogue virus and is not a trojan, but i cant get rid of it :(

I've scanned with Norton360 and AVG and it's not coming up as often now, but it still comes up.

how can I permanently delete this from my system

[Guest Wolfeymole]

Why are you running 2 anti virus programs Cath, run only 1.

 

In the meantime follow the guidelines listed below.

 

Your computer is infected with Malware.

 

• Malware is software designed to infiltrate or damage a computer system without the owner's informed consent.
  It is a combination of the words malicious and software.
  The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.
  

 

• Required Cleanup Steps
  
  1. Disable the Spybot Search & Destroy TEA TIMER if you use it and if it is enabled
     
  2. Run a Temporary file and cache cleaner (ATF)
     
  3. Run 2 Anti-Malware scanners (Listed Below)
     
  4. Run an Online Anti-Virus / Anti-Malware Scanner (Listed Below)
     
  5. Clear out old System Restore points
     
  6. If continued Malware type activity is present you may be asked to post a TrendMicro™ HijackThis™ Log file, do not do so unless requested.
     

   

The reason to run multiple scanners is to ensure that no single scanner is missing something.

The time it takes will vary depending on your system and your internet connection speed.

Typically the SUPERAntiSpyware and Malwarebytes scanners will take between 10 to 90 minutes.

The ESET online scan should take between 1 to 3 hours.

In most cases, these scans will suffice to clean and disinfect your computer.

Heavily infected systems or slower PCs can take much longer to scan and clean.

 

For best results print the following instructions and bookmark this Web page

To keep this guide printer-friendly, use your cursor to highlight the contents below.

From your browser select File - Print and in the printer dialog box under "Print range"

click the

Selection

choice to print out these instructions for removal of malware.

 

 

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/printer-selection.gif

 

____________________________________________

STEP 1

• Disable Spybot Search & Destroys' TEA TIMER: (if installed, if not go to Step 2)
  
  
  1. Run Spybot-S&D in Advanced Mode.
     
     
  2. If it is not already set to do this Go to the Mode menu select "Advanced Mode"
     
     
  3. On the left hand side, Click on Tools
     
     
  4. Then click on the Resident Icon in the List
     
     
  5. Uncheck "Resident TeaTimer" and OK any prompts.
     
     
  6. Restart your computer.
     
     
   

__________________________________________________

STEP 2

• Follow these instructions carefully.
  
  
• Download ATF-Cleaner from
  Snapfiles.com
  to remove un-needed temporary files from your computer that may contain malware.
  
  
• You can also download it from
  Majorgeeks.com
  
  
• When you run ATF-Cleaner, check the items as shown below for Main.
  
  
• For FireFox, be sure to click on the FireFox tab on top and check the items as shown below for FireFox
  
  
• NOTE:
  If you don't have FireFox or Opera installed then they will be grayed out and can be ignored
  
  
• Then click on "Empty Selected".
  
  

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner01.gif

.

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner02.gif

__________________________________________________

STEP 3

• Install and run the free version (not the Professional version) of SUPERAntiSpyware from
  SUPERAntiSpyware.com
  
  
  • Accept any prompts to allow SUPERAntiSpyware to install the latest rules and infection definition files.
    
    
  • You do not have to send them your e-mail address, just click next.
    
    
  • You can leave the automated check for updates on.
    
    
  • You can uncheck "Send a diagnostic report to research center" if you don't want to send the information.
    
    
  • DO NOT
    allow SUPERAntiSpyware to protect your Home Page settings.
    
    
  • On the
    Top Left
    select the
    Scan your computer
    button.
    
    
  • Make sure there is a CHECK MARK on all
    Fixed Drives
    .
    
    
  • Click "Perform a Complete Scan". Click "Next" to Repair issues found and reboot the computer when prompted to do so.
    
    
   

__________________________________________________

STEP 4

• Install and run
  Malwarebytes' Anti-Malware
  from
  Malwarebytes - (direct download)
  
  
  • Accept all defaults for the installer
    
    
  • Allow the program to update the definitions
    
    
  • Click on the
    Quick Scan
    and click Next.
    
    
  • If any items are found allow it to clean them and then Reboot your computer.
    
    
   

__________________________________________________

STEP 5

• Run an online scan with ESET from
  Free Virus Scan: Use ESET's Online Antivirus Scanner
  
  
  • You
    must
    use Internet Explorer for this online scan. FireFox, Opera, etc will not work for this scan.
    
    
  • If your computer is running Window's Vista, then you
    must first
    start Internet Explorer as an Administrator. To do so, right-click on the
    Internet Explorer
    icon in the Start Menu and select "
    Run as administrator
    " from the popup context menu.
    
    
   
  • Accept the terms and click "Start".
    
    
  • Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications".
    
    
  • Click "Start" to begin the scan.
    
    
  • When completed restart your computer
    
    
   

__________________________________________________

Make sure your internet firewall security is enabled, and then please return to Extreme Tech Support - Free PC Help and tell us how the computer seems to be operating.

At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list if warranted.

 

If required this is the download link for TrendMicro™ HijackThis™

Unless instructed to by the Technician helping you then do not download this tool.

 

Once you and the Technician agree that your system appears to be clean then you should delete all your System Restore points and recreate a new one.

Please follow the instructions here

How to turn off and turn on System Restore in Windows XP

How to turn off and turn on System Restore in Windows Vista

[cathyrees]

Thanks. I'm busy downloading those programs.

RE: Why I used 2 anti virus, AVG didn't work, so I installed Norton hoping it would help, I deactivated AVG while Norton was running but now I've reactivated AVG and uninstalled Norton.

I use AVG free to protect my PC from Virus, and allow windows defender to do the rest. The security centre says I'm fully protected. Im I? I don't like using all different programs, is there one Freeware program that does it all??

[Guest Wolfeymole]

After you have run those programs and got back to us have a look at this.

 

http://extremetechsupport.com/forum/malware-removal-av-firewalls-etc/3597-free-pc-help-recommended-security-products.html

[cathyrees]

lol I looked there before even posting this thread. I'm looking for one program that does everything... I don't want to be running lots of different programs with different types of protection..

[Seth]

lol I looked there before even posting this thread. I'm looking for one program that does everything... I don't want to be running lots of different programs with different types of protection..

 

Hi Cathy.

 

No one program can catch all threats.

 

My suggestion is NOD32 Internet Security along with a manual scan each week using either the free version MalwareBytes or SuperAntiSpyare.

[cathyrees]

SUPERAntiSpyware found about 60 infections!!! And I've been compulsively running AVG and Norton and they found NOTHING!!!

Malwarebytes has already found 11!!!

I restored my entire system yesterday (with windows installation and repain disc)!!!

Question.. What must I do with the files in Quarantine? Delete or leave them there?

[Seth]

And I've been compulsively running AVG and Norton and they found NOTHING!!!

 

That's not unusual.

 

Malware is put into the quarantine in case a legitimate file is removed and you need to restore it. Although I've never seen that happen with MalwareBytes or SuperAntiSpyware.

 

Give it a week, and if all is running well you can delete the quarantined items.

[cathyrees]

Thanks. And about NOD32. I am a student, and have no credit card. Can therefore not pay for any of it online. The only antivirus I can find at

stores is Norton, which I'm not too impressed with... Naturally. Is there nothing avalable for free (at the risc of sounding cheap...)

[Seth]

Avast and Avira are free. Either of those will be fine as long as you read this post and manually scan with the additional scanners I mentioned.

[cathyrees]

Well the ESET scan seems to have frozen on the last file. But it didn't find and threats :D

Think the Malwarebytes cleared it up, because I haven't gotten the message since I ran that scan.

THANK YOU BOTH

:D :D :D

[Guest Wolfeymole]

Get a good anti virus and firewall from those listed Cath and run SAS and Malware bytes at least once a week.

[cathyrees]

Busy installing Avast and Comodo Thanks for that.

I'm in the regular habit of running scans daily. I'm paranoid (yet still I get Virus grrr)

[RandyL]

Hi cathy;

Paranoia and diligence are two different things. You're doing the right things now. Once you are sure your system is clean by following the guide the AV and firewall should keep you protected.

 

That is unless you allow the malware onto your computer. File Sharing, P2P etc. is one way. Installed free programs like screen savers and smilies is another.

 

If you have any questions on those let us know. We will advise you.

[cathyrees]

Comodo gave me an error message that COmodo Firewall Pro is not compatable with my operating system. I'm runing Vista Home

[Dalo Harkin]

If you are running Vista the Windows firewall is strong enough for most users.

[jackjag_89]

Hey. Had the same problem. Followed the steps above and seems to have cleared up. Surprised at how many threats i had on my pc. Just wanted to say thanks. :)

[Guest Wolfeymole]

Your welcome Jack

[indieke]

Yesz it is a difficult one to get out of your system! Only Malwarebytes' Anti-Malware, found it. This on a brand new, computer, had to install flashplayer and was tricked.

 

For people who don't want to scan for hours, maybe running this soft willm do the trick.