Spyware Protect 2009

[diddo09]

About three days ago, my computer was infected with this rogue called spyware protect 2009. Since I always read the latest security articles from trusted antivirus vendors, it seems that the program might be install CONFICKER worm on my pc and other hidden rootkits. On Friday, I decided to spend the entire scanning my computer about 5x using different antivirus vendors [bootable antivirus disks, malwarebytes, a-squared, etc]. It seems that the rogue antivirus had vanished from my existent computer. I am now worry that what if all of the antivirus scanner tools did not fully clean my computer? How do I know if there are rootkits on my PC? After I got infected with this nasty rogue, my IE 8 and FF 3.08 seem to slow for my internet connection.

What should I do Raymond and everyone here at this amazing forum????

***PS: I scanned all of my pc(s) with the conficker removal tool [from Symantec] and malwarebytes in order to see if the malware had infected in those system. Fortunately, all of my computers are CLEAN. The irony of this situation is that Norton 360 v. 3.0 did not detect W32.Waledac from the infected PC. Even malwarebytes only quarantined four infected files: Regular trojan, ZLOB, and the two infected files regarding to Spyware Protect 2009.

One last point: if a computer is infected with conficker worm attacks, then the entire computer [including the network] cant visit security websites such as microsoft.com, symantec.com, kaspersky.com, etc... All of my computers can easily visit those security websites without any redirections or hassles. .

Should I reinstall windows XP or are there alternative plans for me to use?

###There are two attachments. "Before File" is when my computer is infected. "After File" is when the malwarebytes and other antivirus software successfully cleaned my infected computer.

http://www.viruslist.com/en/weblog

http://www.avertlabs.com/research/blog/


THANKS,

DD09

[hellnoire]

HijackThis and WinPatrol logs please. I don't think many of us can work without them. And attach them, don't post them out please. If you don't know how to attach, go Advanced, then hit Manage Attachments and Upload the file there. WinPatrol's log is bigger then allowed most times, so zip it up first.

Thanks.

[leofelix]

Hi
(Sorry hellnoire for my intrusion)
did you try this free removal tools too?

http://www.disinfecttools.com/ (BitDefender)

https://securecloud.com/downloads/Syscl3@n.exe (Trend Micro)


http://download.eset.com/special/EConfickerRemover.exe (ESET NOD32 cleaner)


http://vil.nai.com/vil/conficker_stinger/S.T.I.N.G.E.R.exe (Stinger for Conficker)

http://data2.kaspersky-labs.com:8080/special/KKiller_v3.4.1.zip (From Kaspersky)

---------

Then try to scan your system with SUPERAntiSpyware free.

Last hope could be ComBoFix (be careful)

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

---------

I hope you OS is patched http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
you disabled USB/CD autorun
your personal firewall is turned on
and you're not connected via an infected network

I hope i could be useful
Regards

[blackrose]

First:
Disable system Restoration Point.

A good AV would be able to that but I recommend using Kaspersky Removal Tool

SCAN

When the scan finishes you should be able to use your pc fully. Should you receive any error you can repair your system with the Bootable OS CD/DVD.

Hope this works.

[hellnoire]

(Sorry hellnoire for my intrusion)

Don't worry about it, I get logs first before I recommend cures myself. It's however you work things.

[Ceyfer √]

Capability; Sadly conficker worm also delivers this (FraudTool.Win32.SpywareProtect2009") rogueware to the victim's machine .

[Mongoose]

The programs I use are Malwarebytes, SuperAntiSpyware and Avira. But last week I knew I had something but none of these programs found it, so I downloaded A-squared 4.0. Now since A-squared has the Ikarus antivirus with it now which is suppose to be a very powerful antivirus, it found it. I ran the Deep Scan which takes awhile cause it goes through your computer like a fine tooth comb. At times I try to put viruses in my computer to test software but most of the time Avira will stop it. Although my computer is 5 years old it has never broke down.

[diddo09]

I am going to post the log this weekend. This week, several of my clients have called me and schedule me to fix their computers after the virus attacks. TOO busy and not enough time to fix my problem....

Thanks for understanding,

DD09

[diddo09]

Have updated my computer logs.

Seem that everything is okay because I scanned my computer with several antivirus vendors. It was exhausted because I had to install and uninstall several antivirus vendors. Luckily, all of the conficker removal tools did not find any infected files. Kaspersky scanned my PC and did not even find one trace of malware file.

Thanks everyone for helping me,

DD09

Can someone please check my after result log to see if my computer is still having malware files or is it okay?

Thanks,

DD09