windows security alert

[smirice38]

i came back to my pc today after letting my niece use it and on the screen was a windows security alert saying something about antivirus 2009 i clicked to try and get it off but everything went crazy my internet either wont find the page or it sends me somewhere else i have virgin pc gaurd but it does not pick up anything so i have downloaded stopzilla and completed a scan it says i have some trojans adware and a rogue they are TDSS ,Vundo-N ,antivirus 2009 can anyone help or advise me as i havent got a clue what to do

[RandyL]

Hi smirice;

Let's see if we can get you cleaned up.

 

You are infected with malware.

 

• Malware is software designed to infiltrate or damage a computer system without the owner's informed consent.
  It is a combination of the words malicious and software.
  The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.
  

• Required Cleanup Steps
  1. Disable the Spybot Search & Destroy TEA TIMER if you use it and if it is enabled
     
  2. Run a Temporary file and cache cleaner (ATF)
     
  3. Run 2 Anti-Malware scanners (Listed Below)
     
  4. Run an Online Anti-Virus / Anti-Malware Scanner (Listed Below)
     
  5. Clear out old System Restore points
     
  6. If continued Malware type activity is present you may be asked to post a TrendMicro™ HijackThis™ Log file, do not do so unless requested.
     

The reason to run multiple scanners is to ensure that no single scanner is missing something.

The time it takes will vary depending on your system and your internet connection speed.

Typically the SUPERAntiSpyware and Malwarebytes scanners will take between 10 to 90 minutes.

The ESET online scan should take between 1 to 3 hours.

In most cases, these scans will suffice to clean and disinfect your computer.

Heavily infected systems or slower PCs can take much longer to scan and clean.

 

For best results print the following instructions and bookmark this Web page

To keep this guide printer-friendly, use your cursor to highlight the contents below.

From your browser select File - Print and in the printer dialog box under "Print range"

click the

Selection

choice to print out these instructions for removal of malware.

 

 

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/printer-selection.gif

 

____________________________________________

STEP 1

• Disable Spybot Search & Destroys' TEA TIMER: (if installed, if not go to Step 2)
  1. Run Spybot-S&D in Advanced Mode.
     
     
  2. If it is not already set to do this Go to the Mode menu select "Advanced Mode"
     
     
  3. On the left hand side, Click on Tools
     
     
  4. Then click on the Resident Icon in the List
     
     
  5. Uncheck "Resident TeaTimer" and OK any prompts.
     
     
  6. Restart your computer.
     
     

__________________________________________________

STEP 2

• Follow these instructions carefully.
  
  
• Download ATF-Cleaner from
  Snapfiles.com
  to remove un-needed temporary files from your computer that may contain malware.
  
  
• You can also download it from
  Majorgeeks.com
  
  
• When you run ATF-Cleaner, check the items as shown below for Main.
  
  
• For FireFox, be sure to click on the FireFox tab on top and check the items as shown below for FireFox
  
  
• NOTE:
  If you don't have FireFox or Opera installed then they will be grayed out and can be ignored
  
  
• Then click on "Empty Selected".
  
  

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner01.gif

.

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner02.gif

__________________________________________________

STEP 3

• Install and run the free version (not the Professional version) of SUPERAntiSpyware from
  SUPERAntiSpyware.com
  
  
  • Accept any prompts to allow SUPERAntiSpyware to install the latest rules and infection definition files.
    
    
  • You do not have to send them your e-mail address, just click next.
    
    
  • You can leave the automated check for updates on.
    
    
  • You can uncheck "Send a diagnostic report to research center" if you don't want to send the information.
    
    
  • DO NOT
    allow SUPERAntiSpyware to protect your Home Page settings.
    
    
  • On the
    Top Left
    select the
    Scan your computer
    button.
    
    
  • Make sure there is a CHECK MARK on all
    Fixed Drives
    .
    
    
  • Click "Perform a Complete Scan". Click "Next" to Repair issues found and reboot the computer when prompted to do so.
    
    

__________________________________________________

STEP 4

• Install and run
  Malwarebytes' Anti-Malware
  from
  Malwarebytes - (direct download)
  
  
  • Accept all defaults for the installer
    
    
  • Allow the program to update the definitions
    
    
  • Click on the
    Quick Scan
    and click Next.
    
    
  • If any items are found allow it to clean them and then Reboot your computer.
    
    

__________________________________________________

STEP 5

• Run an online scan with ESET from
  Free Virus Scan: Use ESET's Online Antivirus Scanner
  
  
  • You
    must
    use Internet Explorer for this online scan. FireFox, Opera, etc will not work for this scan.
    
    
  • If your computer is running Window's Vista, then you
    must first
    start Internet Explorer as an Administrator. To do so, right-click on the
    Internet Explorer
    icon in the Start Menu and select "
    Run as administrator
    " from the popup context menu.
    
    
  • Accept the terms and click "Start".
    
    
  • Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications".
    
    
  • Click "Start" to begin the scan.
    
    
  • When completed restart your computer
    
    

__________________________________________________

Make sure your internet firewall security is enabled, and then please return to

Extreme Tech Support - Free PC Help

and tell us how the computer seems to be operating.

At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list if warranted.

 

If required this is the download link for

TrendMicro™ HijackThis™

Unless instructed to by the Technician helping you then do not download this tool.

 

Once you and the Technician agree that your system appears to be clean then you should delete all your System Restore points and recreate a new one.

Please follow the instructions here

How to turn off and turn on System Restore in Windows XP

How to turn off and turn on System Restore in Windows Vista

[smirice38]

scans

 

i have completed the scans the last scan was the online scan what is the next thing to do , i have tried visiting a couple of sites in internet explorer and it seems to work

[RandyL]

Since everything seems to be working ok now I would just clear your old system restore points just to be on the safe side.

How to turn off and turn on System Restore in Windows XP

 

What kind of security do you have besides Stopzilla? Stopzilla is not a good product in my opinion. Products that we recommend.

[smirice38]

antivirus

 

i am running pc guard from virgin media which has never been switched off as it is a newish p.c and i got pc guard when i got the p.c but it doesnt seem to pick up these nasty bugs

after i clean system restore it asks how much disc space to use i have set it as maximum is this correct?

Edited October 26, 2008 by smirice38

[Guest Wolfeymole]

I'm with Virgin Smirice and I wouldn't touch PC Guard with a barge pole, in my opinion it's crap.

 

Have a look at what we recommend here.

 

http://extremetechsupport.com/forum/malware-removal-av-firewalls-etc/3597-free-pc-help-recommended-security-products.html

[RandyL]

I'm really not a fan of pcguard but I understand why you have it if your getting it for free.

 

Either way no security product can protect you if you or someone else allows something to bypass it.

 

Downloaded games, screensavers or file sharing P2P programs come to mind.

 

This is probably what happened.

[smirice38]

pc guard

 

thanks for that but virgin media charge me £3.00 a month for using p.c. guard i just wonder if i can get something else

can i run virgin media with something else or should i just get something else and switch it off

[RandyL]

For that price you can do a lot better for security. I would go for NOD32 Security Suite. It's the first one on the list from the link wolfeymole provided.

 

You can keep virgin as your isp. Just uninstall pcguard before installing another security suite.

 

But like I said no security will protect you if you bypass it.

 

By the way I'm glad everything is working well again for you.

[Guest Wolfeymole]

Your paying £36 a year for rubbish Smirice, I run Nod 32's Security Suite paid version for £39.95 a year and nothing gets past it.

 

https://secure.eset.co.uk/order/category.asp?intCategoryId=7

[smirice38]

anti virus

 

thanks guys i will do as you say as you are the ones that know what you are talking about thanks again as i have been checking around and everything seems normal

[Guest Wolfeymole]

Please do so Smirice you won't regret it.

 

By the way FPCH does not benefit in any way financially from endorsing these products, we plug them simply because they are very good tools.

[Seth]

Your paying £36 a year for rubbish Smirice, I run Nod 32's Security Suite paid version for £39.95 a year and nothing gets past it.

 

I recommend NOD above all other internet security suites, but the claim of "nothing gets past it" is a stretch. I can post logs to show malware that NOD doesn't even see, let alone remove. I state the same for ALL antimalware applications.

 

Knowledge of the Trojan Horse type infections, combined with layered protection is by far the best defense.

[Guest Wolfeymole]

Walk in a dark area Seth, expect to get mugged. ;)