Hi
My dad has the totalsecure 2009 virus affecting his pc (vista). After researching what it is and does it seems he has a worse "version" of it than any other accounts i've read. It will let him browse 2 or 3 (if hes lucky) web pages before a pop up box tells him hes got a virus and surprise surprise only "totalsecure2009" will get rid of it. This is always follwed by IE being shut down.
I'm fairly good with pc's but i'm struggling with this. I've ran spybot and avast, but to no avail. I've looked at removing it manually, but cannot find any of the 3 exe files which most sites tell you to find in program files and can't find any of the dll files in the reg. Also simply doing a search for "totalsecure2009" doesn't throw up any results.
I can't download Malewarebytes of smitfraud because...you guessed it, IE shuts down before i can download the software. (i've shall try and put these anti spyware exe' s on a memory stick and see if i can run it from there).
Apart from that any help will be greatly appriciated, as its starting to really do my head in.
Thanks for reading.

Hi styles66 and Welcome to BleepingComputer!

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

• Make sure you are connected to the Internet.
• Double-click on mbam-setup.exe to install the application.
• When the installation begins, follow the prompts and do not make any changes to default settings.
• When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

• If an update is found, the program will automatically update itself.
• Press the OK button to close that box and continue.
• If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

• Make sure the "Perform Quick Scan" option is selected.
• Then click on the Scan button.
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
• Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

• Click on the Show Results button to see a list of any malware that was found.
• Make sure that everything is checked, and click Remove Selected.
• When removal is completed, a log report will open in Notepad.
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

One other note... We have good a write-up here: Totalsecure 2009.

rigel,
cheers for that.managed to download malewarebytes, ran it and it seems to have done the trick.
many thanks

Just a point?

I got out of Trouble using Malwarebytes once, now it never leaves my DeskTop. I just update it regularly and leave it there! First sign of Problems, that is the first thing I run.

I did get hit later with an Upper Memory Virus that took it out? I just drained the CSMOS and got rid of it. I knew when Malwarebytes got taken out it was serious.

Hello styles66,would you mind posting the MBAM and SmitFraudFix logs so we can be certain the malware removed will not return, thanks.
The SmitFraudFix report can be found at the root of the system drive, usually at C:\rapport.txt