I went on this site and i think it downloaded some sort of virus or spyware on my computer. Now, I keep recieving pop ups. I have a firewall installed as well as symantec, spybot search and destroy and lavasoft adaware remover. Ive ran all these programs multiple times but im still recieving the pop ups.
When i run symantec it detects some spyware and removes them but after start up i still keep recieving the pop ups?
What can i do?
I think the program thats causing this is "winantivirus". But, Symantec is reporting it deleted. There are also a few threats found that it says : action taken "left alone"
These files are
Trojan.awax
class4.htm
Any Thoughts
2007-05-31 12:32:48 · 7 answers · asked by Anonymous in Computers & Internet ➔ Security
WinAntiVirus Pro 2007 Automatic Removal Instructions
http://www.winantivirus-removal.com.removal-instructions.com/removeWinAntiVirusPro2007.html
Smitfraud Variants including PestCapture, WinAntivirus Pro 2007, and other similar Malware Removal Instructions and Help
http://www.pchell.com/support/smitfraud.shtml
Adware.W32.ExpDwnldr
http://www.spynomore.com/onlinestability-com.htm
Description: www.onlinestability.com is a hijacker that is installed by a trojan. It infects the user's computer then displays warning messages (similar to the one shown below) in an attempt to force the user into purchasing one of several rogue antispyware / antivirus products such as WinAntiSpyware, WinAntiVirus or SystemDoctor. A common message on infected computers warns of 'Adware.W32.ExpDwnldr' infections.
Once installed, onlinestability.com can hijack your desktop and show a message similar to the one shown below:
Adware.W32.ExpDwnldr Warning Message Screenshot:
Malware Removal: Virtumundo
http://wiki.castlecops.com/Malware_Removal:_Virtumundo
This procedure is to remove Adware-Virtumundo (Vundo).Winfixer /WinAntiSpyware / WinAntiVirus and Adware-Virtumundo are not one and the same. Persistent WinAntiSpyware or WinAntiVirus popups which pester the user to purchase the program, are indicative of Adware-Virtumundo or a Vundo infection, for short, but it is also possible to have the program Winfixer program and its successors installed without Vundo accompanying it.
===========================
You have malware installed on your system. If you follow all the following steps it should get rid of your problem and prevent future problems. All programs listed are free.
---------------------------------------------------------
Update your antivirus and run a full scan in safe mode
If you do not have full time (active) virus protection install (only one) all are excellent:
AVG Antivirus 7.5 Free Edition
http://free.grisoft.com/freeweb.php/doc/avg-anti-virus-free/lng/us/tpl/v5
http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10669237.html?tag=lst-0-1
or
Free antivirus - avast! 4 Home Edition
http://www.avast.com/eng/avast_4_home.html
or
AOL Active Virus Shield
http://www.activevirusshield.com/antivirus/freeav/index.adp
---------------------------------------------------------
Install Windows Defender (full time spyware protection)
Perform a full scan.
http://www.microsoft.com/athome/security/spyware/software/default.mspx
---------------------------------------------------------
Install the following five programs and run weekly or at least monthly. You need all five. They will greatly increase your protection. They are not a substitute for full time spyware and virus protection.
Ad-Aware SE Personal (update + full scan)
http://www.lavasoftusa.com/products/ad-aware_se_personal.php
Spybot Search & Destroy (update + immunize + scan)
Do not enable Tea Timer and SDHelper
After installation: update + scan + immunize
http://www.safer-networking.org/en/mirrors/index.html
SpywareBlaster: Update then open and click “enable all protection”.
http://www.javacoolsoftware.com/spywareblaster.html
SUPERAntiSpyware free version: (update + scan)
http://www.superantispyware.com/
CCleaner: Do not install toolbar option
Removes tracking cookies, unneeded files, history
In options.
Set to run when computer starts.
Place cookies you want to keep in save list
http://www.ccleaner.com/
-------------------------------------------------------------
Note if a scan detects a problem but is unable to remove, start the computer in safe mode with the internet line disconnected and run a full scan.
In severe cases your system restore files will also be infected. In these cases you will need to turn off system restore to prevent malware hiding in the system restore files and reinfecting the computer during removal or during a future system restore. Turning off system restore deletes the system restore files.
Right click on "my computer"> Properties > System Restore Tab > Check box turn off system restore
After the malware is removed turn on system restore.
-------------------------------------------------------------
Run this time only
CWShredder: run
http://www.trendmicro.com/cwshredder/
Roguefix.bat
http://www.internetinspiration.co.uk/roguefix.htm#uninstall
Shoot The Messenger
http://www.grc.com/stm/shootthemessenger.htm
SmitFraudFix
http://www.geekstogo.com/forum/How_to_use_SmitFraudFix-t109268.html
Vundo Fix and
VirtumundoBegone (if VundoFix does not work)
http://www.bleepingcomputer.com/forums/topic18610.html
VX2 tool for Ad-Aware and run tool (Install and run)
http://www.lavasoftusa.com/support/securitycenter/vx2_cleaner.php
----------------------------------------------------------------------
Additional run this time and monthly.
Microsoft Update "Custom Mode" install everything
http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
Microsoft OneCare Live, run “full service scan”
Updates windows, virus and spyware scan, disk cleanup, disk fragmentation (if needed), backs up registry and then cleans registry, and checks for open firewall ports
http://onecare.live.com/site/en-us/default.htm
Malicious Software Removal Tool (run “full scan”)
http://www.microsoft.com/security/malwareremove/default.mspx
-------------------------------------------------------
RootkitRevealer v1.71
http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx
Rootkit Removal Guide
http://safecomputing.umn.edu/guides/scan_unhackme.html
Rootkits Removers
Pick any 2 install and run one each month
AVG Anti-Rootkit
http://www.grisoft.com/doc/products-avg-anti-rootkit-update-app-art/?ver=1.1.0.29
F-Secure BlackLight
http://www.f-secure.com/blacklight/
Sophos Anti-Rootkit
http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html
----------------------------------------------------------
----------------------------------------------------------
Online Free Scanners:
Run Trend Micro, Kaspersky, and Panda Scan now.
Run a different one each month.
Trend Micro: HouseCall Free Scan (removes what it finds)
http://housecall.trendmicro.com/
BitDefender Online Scanner http://www.bitdefender.com/scan8/ie.html
Kaspersky Labs Online Scanner http://www.kaspersky.com/virusscanner
McAfee http://us.mcafee.com/root/mfs/default.asp?affid=294
Panda ActiveScan Free Online Scanner http://www.pandasoftware.com/products/activescan?
Symantic Online Scanner http://security.symantec.com/sscv6/ssc_eula.asp?langid=ie&venid=sym&plfid=23&pkj=ALUFRHYTINMHDKDCWLL&vc_scanstate=2
-------------------------------------------------------
Additional Information read:
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview
http://wiki.castlecops.com/Malware_Prevention:_Prevent_Re-infection
http://www.castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html
http://aumha.org/a/quickfix.htm
http://aumha.org/secure.htm
http://aumha.org/a/parasite.php
http://www.castlecops.com/t102301-Hijackthis_Guidelines_Read_Before_Posting.html
http://www.techsupportforum.com/security-center/hijackthis-log-help/15968-updated-important-read-before-posting-log.html
http://forum.aumha.org/viewtopic.php?t=4075&sid=901703d08c2ace31389ffef2d84b6607
2007-05-31 12:57:00 · answer #1 · answered by Anonymous · 1⤊ 0⤋
2
2016-08-22 11:57:53 · answer #2 · answered by ? 3 · 0⤊ 0⤋
You can run what is known as "online scanner". The link I am going to give you will run direct from the servers of kasperksy lab, Russia. Rated # 1 in the world for virus detection. Will not conflict with symantec. Scan can take upto two hours depending on how many running processes you have and how many program installed. Let the scan complete as it will kill all viruses in real time. Suggest you reboot after completion.
http://www.kaspersky.com/virusscanner
Minddoctor, France
2007-05-31 12:59:09 · answer #3 · answered by MINDDOCTOR 7 · 0⤊ 0⤋
Sounds like it could possibly be a Vundo infection.
"The Vundo family of Trojans is one of the most common infections we find on user’s PC’s. The infection can cause popups which usually advertise rogue antispyware programs. Some common rogue antispyware programs that are advertised are WinFixer, SysProtect and Winantispyware for example. Users are normally targeted by false positives, and warning of infection – an example of this could be popups alerting users they are infected with a blackworm virus. The most common method of infection is through outdated versions of the Sun Java platform; older versions are being exploited so it is important to firstly make sure that your Java software is fully up to date. Thankfully, the infection is relatively easy to remove, and a specialised tool has been created to remove the vundo trojan from infected computers. The following guide will explain how to use the tool, and hopefully rid your system of this malware."
http://www.bleepingcomputer.com/forums/topic18610.html
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo.:
http://www.bleepingcomputer.com/forums/topic18610.html
Good luck.
2007-05-31 14:02:47 · answer #4 · answered by Anonymous · 0⤊ 0⤋
The advert might have been a trick advert it is an advert that that tells you you have contaminated records on your workstation once you truly do no longer and then attempt to make you obtain "virus removal application" it is somewhat in straight forward terms an endemic. you oftentimes cant get an endemic only from vacationing a internet site, you will possibly desire to truly obtain something.
2016-10-09 05:29:11 · answer #5 · answered by ? 4 · 0⤊ 0⤋
type in housecall in yr search engine and goto 1st entry and download the virus scan u will have to be online whilst this scan is being done.this usually finds virus`s and trojans etc other programs dont. good luck
2007-05-31 12:40:37 · answer #6 · answered by rgnasher 1 · 0⤊ 1⤋
For all computer related problems please check out
http://computer-probs.blogspot.com/
It not only gives complete solutions but also offers
free downloads of effective softwares which can detect
and eliminate all spy ware /virus /ad ware /Trojans completely.
2007-05-31 13:36:11 · answer #7 · answered by Anonymous · 0⤊ 0⤋