System Antivirus Warning

R

rchapman0608

My pc just started having a popup window come up saying : Warning! Atteck
Detected. It is called Blaster/Sasser.variant. My options are continue
unprotested or activate. When I click activate it of coarse wants me to pay
money, etc for the antivirus. What can I do to rid this? It would suck to pay
42.00 like they want for something that doesn't rid my pc of this. Also
another security alert come up sayong: Trojan-Spy.Win.KeyLogger.aa

I have had no problems with any of this stuff till today. Any help is
greatly appreciated.
 
D

David H. Lipman

From: "rchapman0608" <[email protected]>

| My pc just started having a popup window come up saying : Warning! Atteck
| Detected. It is called Blaster/Sasser.variant. My options are continue
| unprotested or activate. When I click activate it of coarse wants me to pay
| money, etc for the antivirus. What can I do to rid this? It would suck to pay
| 42.00 like they want for something that doesn't rid my pc of this. Also
| another security alert come up sayong: Trojan-Spy.Win.KeyLogger.aa

| I have had no problems with any of this stuff till today. Any help is
| greatly appreciated.

You just fell for con. You had a ZLob trojan that gave you the Pop-Up and you should
NEVER have "activated" it to cause a further infection.

Two part solution...

Perform part one and the part 2.

#1
----
Download Malwarebytes Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

#2
----
Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *
 
J

John Barnett MVP

This is a variant of AntiVirus 2008. Don't even think of 'paying' anything
you will just be buying a load of rubbish and causing more trouble for
yourself.

Download a copy of Malwarebytes Anti Malware www.malwarebytes.org (it is
free) and run that. This software has been successful at picking these
things up and removing them.

Another anti malware application you might also like to try is SUPER Anti
spyware www.superantispyware.com (again this is free)


--

--
John Barnett MVP
Associate Expert
Windows Desktop Experience

Web: http://xphelpandsupport.mvps.org
Web: http://vistasupport.mvps.org
Web: http://www.silversurfer-guide.com

The information in this mail/post is supplied "as is". No warranty of any
kind, either expressed or implied, is made in relation to the accuracy,
reliability or content of this mail/post. The Author shall not be liable for
any direct, indirect, incidental or consequential damages arising out of the
use of, or inability to use, information or opinions expressed in this
mail/post..
 
M

Mick Murphy

Scan your computer with Spybot Search & Destroy and Malwarebytes.
Do it in Safe Mode.
All info below.

http://www.spybot.info/en/index.html

Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program.
Download, install, update, and immunize your System with it.
Then SCAN with it.
Update it, and scan your System once a fortnight.

http://www.malwarebytes.org/mbam.php

Malwarebytes is as the name says, a Malware Remover!
For the Free version scroll down their page to either download from
Download.com, or Major Geeks.com

Download, install, and update.

Important re: Safe Mode
If you happen to find a problem that you can’t uninstall / delete, reboot
the computer, and go into Safe Mode.
To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow
key to get to Safe Mode from list of options, then hit ENTER.
RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D
while in Safe Mode.
 
N

nass

rchapman0608 said:
My pc just started having a popup window come up saying : Warning! Atteck
Detected. It is called Blaster/Sasser.variant. My options are continue
unprotested or activate. When I click activate it of coarse wants me to pay
money, etc for the antivirus. What can I do to rid this? It would suck to pay
42.00 like they want for something that doesn't rid my pc of this. Also
another security alert come up sayong: Trojan-Spy.Win.KeyLogger.aa

I have had no problems with any of this stuff till today. Any help is
greatly appreciated.
Click to expand...

Go through these Cleaning steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
http://www.malwarebytes.org/rr-update/rr-free-setup.exe
http://www.malwarebytes.org/rr-update/rr-free-setup.exe
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
http://onecare.live.com/standard/en-gb/default.htm

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html
Run disk cleanup and also this tool:
http://www.ccleaner.com/download/builds/downloading-slim
download Hijackthis and send me the log.
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
Send me copy to my address is : to_you_ross(at remove this and repalce with
the obvious)yahoo.co.uk

( _ is underscore)
HTH
nass
 
D

David H. Lipman

From: "David H. Lipman" <[email protected]>

#2 should have been...

Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe

http://www.pctipp.ch/downloads/dl/35905.asp

English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file.

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *
 
P

PA Bear [MS MVP]

[In for a penny, in for a pound...]

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in
conjuction with some other utilities). HijackThis will NOT fix anything on
its own, but it will help you to both identify and remove any
hijackware/spyware with assistance from an expert. **Post your log to
http://aumha.net/viewforum.php?f=30,
http://forums.spybot.info/forumdisplay.php?f=22,
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0, or other
appropriate forums for review by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security Warning 2
Virus Infection? 8
Unremovable Security Center Alert 2
Windows XP Windows 2000 Spyware Big problem! Please help. 9
Windows XP (NL): Windows Activation Problem + Windows Automatic Update Problem = Very Slow Computer. 18
Strange virus alert by Trend Micro 9
Vista, What an Amazement, with Office 2007 Integration!!! 6
Five Steps to Ditching Malware 1

Top