Malware/Virus alert

[David]

I doubt its anything that isnt known here as you are always on the ball but earlier this week my desktop suddenly had red lettering all over it claiming my pc was infected with 38 viruses and to click and buy the anti virus..I didnt but did think it maybe a virus or maleware or both so shut the machine down ,pulled my hair out for a second or two and went about trying to sort it ...so far no luck with the old machine,I have no idea how I got this although my daughter had been in IM which is banned in my house but I dont know so I thought I would at least warn you guys whilst I try and work out a way of clearing the other machine whilst keeping the data on it ....
Careful now

[Steve]

If you can find out which variety of malware has got you we should be able to advise, however they can be a real pain to eradicate. It's probably arrived from some innocent looking website.

[Lance]

I would normally run malwarebytes in safe mode and get avast antivirus to do a boot time scan.

[David]

http://www.techspot.com/vb/topic42837.html

http://www.fasterpccleanclean.com/your-system-has-been-infected-popup

This is the ones I believe,as I dont use dodgy sites I am wondering how it got on there !
Avast was running at the time and scans are hourly with it I have tried but it wont or cant touch this nasty ware .I wont be beaten though .

[.Griff.]

"Maleware" - Is that something like boxer shorts? 

[David]

 No Griff just bad spelling                  malware

[Glenn]

If it is like the Scareware pictured below, then follow  http://www.bleepingcomputer.com/virus-removal/remove-system-tool

[David]

Thanks Glenn

[Lance]

If it is like the Scareware pictured below, then follow  http://www.bleepingcomputer.com/virus-removal/remove-system-tool

Thats the exact one I cleared off a friends machine Monday night.

[David]

I have to admit getting flummoxed knowing which one to download but for some reason I turned the machine on and it sprang to life with no sign of anything !! I ran avast which found a fake alert,whatever this is but now I am carrying out a boot scan on the machine concerned,Im on my laptop at the moment ,maybe right or stuppid but the new Advent I have left off for the time being ...so I get paranoid

If the boot scan comes back as clear then I intend to return to that link and download hopefully the correct application

[David]

Thats the exact one I cleared off a friends machine Monday night.

Yes this is the one Lance exactly its cost me a few quid so far but cant see why its gone or where its gone ,why was it not on the desktop when I switched the machine on ?

It very hopeful to see it can be destroyed or at leaste removed off the machine and a relief that I may not have lost all or any data....se RKill using the LTop for reference

[Rik]

Like the new avatar, David.

[David]

 
Got him yesterday

[Rik]

Not stuffed, I hope.

[Simon]

You shot a robin?   

[David]

Hi Simon just finishing off this and looks like I succeeded in something technical for once,just on the last lap managed to get Malwarebytes downloaded and its doing the scan ,I think,not sure that the machine is cleaned 

Thanks all.
Simon no Robins were harmed in the making of this movie 

[Rik]

 

[Simon]

[David]

     Job Done thanks again

Trojan found and now gone

[David]

Not stuffed, I hope.

Tha rings bells

[Rik]

Ding dong the witch is dead.

[David]

 

You are not by any chance taking the St Michelle are you  sir ? 

[Rik]

Moi? 

[David]

  Now I have just watched the MSE videos and wonder why I spent so much money 

[Rik]

Because someone has to, David.

[David]

Here    endeth the 55th lesson

[Rik]

Let us pray...

[David]

  

[Niall]

Just thought I'd point out that this is the thing that infected my aunts laptop, that resulted in me spending 10 hours cleaning it. Addblock & Avast is the way forward! Oh and on that subject I mentioned the Avast false positives the other day, and it seems they fixed that in the update yesterday/today (not sure which).

Oh, and Rik, I installed that PSI that you always go on about. That is one REALLY hand program!    I tried it on my mums system last night and it detected LOADS of redundant files that hadn't come off on uninstalls.

[Simon]

PSI?

[john]

PSI?

I wondered what it is too, is it this ?

[David]

Its a late night cop show isn't it? this all very informative and it really amazed me how it worked.to make double sure I did a final boot check and to be honest that machine flew last night so fast I don't think I have ever known it to be so fast..... with all this though Avast and all the others (thanks Rik I downloaded the MSE on the Dell last night but turned off Avast as I thought they may conflict so when do you think it will conflict?
Interesting subject though

[Simon]

I wondered what it is too, is it this ?

If it is, it looks quite good.  Funny, I can't recall Rik mentioning it before. 

[Rik]

PSI?

I wondered what it is too, is it this ?

It is. Highly recommended.

[Ray]

Seconded, especially the latest version which now automatically finds security patches and installs them.

[Rik]

Even though it usually picks an inconvenient time to do it.

[Ray]

This is very true, Rik. 

[Niall]

Speaking of virus issues. Today I was clearing out old bookmarks and stumbled across my idnet blog that I hadn't used since the day I set it up, and avast went nuts saying there was a virus on there and wouldn't load the page. I've reported it to idnet just in case, but for all I know it's avast having more false positives again!

[David]

Out of interest Niall what do you run Avast with or alongside ?

[Niall]

Oh god, now you're asking.

Avast V6
spyware blaster
Spybot (these two are mainly there for IE as I've got Firefox set so they're unneeded)
Ccleaner
O&O defrag 14 (full version)
Superantispyware (paid version)
Comodo system cleaner
PSI

I know they're all for different things, but all told they keep things defragged and virus/malware/spyware free

Avast was reporting false positives the other day in Office 2010 (on installing it on a fresh format/install of the O/S - Win 7 64bit), but stopped after an update, but as I got this today I'd have thought that it's more likely to be a false positive than a virus IDnet haven't spotted on their servers

[Lance]

On my home machines I just run avast along side the windows firewall. I also run malwarebytes every couple of weeks or so.

[David]

I only twigged yesterday that or what Malwarebytes was and what it did exactly good learning curve for me

[Niall]

Oh yeah, and malware bytes

For some reason there's no icon when I set it to small font. There is for the three default sizes, but in titchy mode it's an unnamed file icon.

[john]

Avast flagged up a 'trojan horse' yesterday but said it was unable to remove it. I tried Ccleaner which deleted a lot of files in my 'temporary internet' folder but after clearing it out more files were being copied  into it. Ran Ccleaner again which cleared them out but then kept re-appearing. Went into taks manager and deleted some processes I didn't recognize (I think several were 'ew<something>.exe') but they also started to re-appear. I managed to finally stop them by navigating to my 'temporary' folder and deleting everything in there then rebooting the laptop.