xttt
3 Silver

Re: windows explorer fake security virus

hi GAHIXON1,

say that worked!!  yea!!  the latest version of java is installed.  thanks!!!

below is the latest security check log:

Results of screen317's Security Check version 0.99.16  

Windows XP Service Pack 3  

Internet Explorer 8  

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!  

ESET Online Scanner v3  

Microsoft Security Essentials    

Antivirus up to date!  

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware    

HijackThis 2.0.2    

CCleaner    

Java(TM) 6 Update 26  

Adobe Flash Player  

````````````````````````````````

Process Check:  

objlist.exe by Laurent

Windows Defender MSMpEng.exe

Microsoft Security Essentials msseces.exe

Microsoft Security Client Antimalware MsMpEng.exe  

``````````End of Log````````````

thanks soooooooo much for your help!!

please let me know if there's anything else i need to do.

will you let me know which of the tools i can delete.  or should i just leave them in place.

also was wondering what you recommend with regard to mse alert levels.

i have set mine at severe alert - delete, high alert - delete, medium - quarantine, and low - quarantine.  (or should i just put all them at delete?)

0 Kudos
gahixon1
3 Silver

Re: windows explorer fake security virus

Hi xttt,

Those alert levels seem fine. With the lower alert levels, these can sometimes be FP (False Positives). So, it's always better to be able to drop back on a wrongly identified file in the quarantine. A luxury you do not have if the file is deleted.

These next steps will remove all the tools we have used and perform a few other important tasks. After these steps, if all goes well, I will post you some useful information to prevent reinfection in the future.

Step 1
ATF Cleaner

Please download ATF Cleaner by Atribune.

This program is for Windows 98/ME/2K/XP and Vista

 

  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

 

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

 

If you use Opera browser

  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

 

Click Exit on the Main menu to close the program. For Technical Support, double-click the e-mail address located at the bottom of each menu.

Step 2
Remove ComboFix, delete infected restore points, etc.
Please go to Start, then click on Run and copy and paste the following into the Run box:

combofix /uninstall

and tap . Wait until the process completes. This will delete ComboFix, all of the ComboFix backups, delete your infected restore points and create a new one, delete your tmp files, and your trash, etc. In other words it will clean up some of the leftover junk on your system that was either deleted or quarantined.

*ComboFix is a powerful tool that changes often and should not be used unless directed by someone trained in its use.*

Step 3
OTC

 

  • Download OTC by OldTimer and save it to your desktop.
  • Double-click the OTC icon to start the program.
    If you are using Vista, please right-click and choose run as administrator
  • Then click the big CleanUp button.
  • You will get a prompt saying "Begin Cleanup Process". Please select Yes.
  • Restart your computer when prompted.

     

    In your reply

  • Let me know how your system is running

Graduate of Spyware Hammer Academy

0 Kudos
xttt
3 Silver

Re: windows explorer fake security virus

hi Gahixon1,

i think it's a lot better.  there used to be over 50 processes running.  now there are only about 40.  the machine used to be very, very slow.  now it's much quicker.

so thank you sooooooo much!!  now if this machine could just stop such nasty malware and viruses from getting in.  that would really be great.

thanks again for this forum and your assistance.

sincerely, 

0 Kudos
gahixon1
3 Silver

Re: windows explorer fake security virus

I think we are all done. If you have any further questions, please do not hesitate to ask. Next will follow my standard end response. Please read through this, as it contains a lot of information about preventing malware in the future.

Make proper use of your anti-virus and firewall
Anti-virus and Firewall programs are integral to your computer security. However, just having them installed isn't enough.

The definitions of these programs are frequently updated to detect the latest malware. If you don't keep up with these updates, you'll be vulnerable to infection. Many anti-virus and firewall programs have automatic update features. Turn the automatic updates on if your programs have them. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important.

You should keep your anti-virus and firewall guard enabled at all times. NEVER turn them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure your system remains clean. Once a week should be adequate. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Antispyware programs:
I would recommend the download and installation of some or all of the following programs (all free), and the updating of them regularly:

Web of Trust warns you about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous ones:

Available for Firefox, Internet Explorer and Google Chrome.

Green to go,
Yellow for caution, and
Red to stop.

 

  • Spyware Blaster - By altering your registry, this program stops harmful sites from installing things like ActiveX Controls on your machines.

     

  • Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recommend keeping it and using often.


Please remember to update MBAM every time before you run it.

 

Use a safer web browser

Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a few good free alternatives:

Firefox,

Opera

Chrome.

All of these are excellent, faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial HERE which will help you to make IE MUCH safer.

Here are a couple of links by two security experts that will give some excellent tips and advice.


So how did I get infected in the first place by Tony Klein

How to prevent Malware by  Miekiemoes

Finally, this link HERE will give a comprehensive up-to-date list of free Security programs. To include - Anti-virus, Antispyware, Firewall, Anti-malware, Online scanners and rescue CDs.

Thanks for using Dell Forums. I do not see any evidence of malware in any of your logs and if your computer is running well, it appears we have solved the problem.

George

Graduate of Spyware Hammer Academy

0 Kudos