Trying To Fix A Problem

Hello,

I’m new here and trying to get some help with a problem. I received a warning last night that I had a virus from Avast. By the time I got to the computer later, I had a blinking icon at the bottom of my computer with the following note.

System Alert

System has detected a number of active spyware applications that may impact the performance of your computer. Click the icon to get rid of unwanted spyware by downloading an up-to-date antispyware solution.

When I clicked on the icon it immediately went to a site called Virus Response Lab 2009, (website: virus-labs2009.com), and wanted me to download their stuff for a 2 year subscription. I had never heard of them, so I didn’t do it.

This morning I ran my Avast, Ad-Aware, and Spybot trying to get rid of any viruses. According to each I cleaned up my computer, but each time I reboot, the icon at the bottom still shows the System Alert which leads to the Virus Response Lab 2009 site.

Does anyone know what I need to do to get rid of this ? I’m far from being a computer expert, so I would appreciate any help. Thanks in advance.

play4him

I suggest:

  1. Clean your temporary files.
  2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
  6. Disable System Restore and then reenable it again.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

Specially step 3.

So it’s always better to quarantine. I didn’t know that. So once it’s in quarantine, do I just leave it there ? Sorry for the bother.

Deletion isn’t a good first option always send to the chest or quarantine, you have options left this way.

The alert flashing saying you have spyware is scum/scamware and what ever you do don’t click on it or visit the site or you could well be really infected.

For this tupe of attack these should be you first options.
MalwareBytes Anti-Malware freeware version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.

Also try this tool, RogueRemover, available here http://www.malwarebytes.org/rogueremover.php

Keep it there (in Quarantine or Chest) for further analysis.
If your computer is running well, if you right click the file into Chest and rescan it returning an infected file (after one week or two), well, it was indeed an infected file that you can get rid (emptying the Chest).