Help! A week ago, I got infected with a virus/trojan/malware (Vundo, others) that caused: (a) pop-up advertisements to go rampant (b) a fake windows security alert to show up in my system tray
I was running a current McAfee at the time (virus protection, firewall, etc). I am still running McAfee, but also downloaded and ran Malwarebytes and SuperAntispyware. These found additional registery items plus I blocked internet explorer (I'm a firefox guy anyway) and the pop-ups stopped, but the fake security alert is still in my system tray. I know it is fake because it says Windows Updates if off and Windows Firewall is on. I can tell that both of these statements are incorrect when I pull up the proper screen(s) from control panel (I have Windows firewall off because I'm using McAfee's).
Can someone help me get this fake windows security alert out of my system tray?
On a friend or family member's computer, download the Malwarebytes installer and update files from the links below, copy them to a CD or flash drive, then transfer the files to the problem machine and use them. If you can't start the computer into "normal" windows, try installing, updating, and running the scans AFTER the computer is started into Safe Mode.. I use the sites below to download the installer file and the manual updater:
Once downloaded and before transferring them to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.
Next, download the SuperAntispyware program and the manual updater from the links below. After running the Malwarebytes tool above, if you still can't download and install it directly from the problem machine, download it on a friend or family member's computer as well.:
In a few situations, in order for the program to run, it was also necessary to rename the main "mbam.exe" file also after installing it.. It resides in the C:\Programs Files\Malwarebytes Antimalware folder. ____________________
Grif, thanks for taking the time to reply; but as you'll see from my original posting, I've already ran Malwarebytes and SuperAntiSpyware (learned about them from reading other posts in this forum before I made mine). As I stated, those tools stopped the pop-ups, but the fake windows alert (red shield with a 'x' in it) is still in my system tray.
Here are some posts other people have made with similar problems.
Click on Start, click Run, and then type devmgmt.msc and click OK On the View menu click on Show hidden devices Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys Highlight that driver and right click on it and select DISABLE Now RESTART your computer.