Just earlier today I was being infected by a blue desktop screen that said "Warning! Spyware Detected on Your Computer! Install an antivirus or spyware remover to clean your computer."
As well as something called Antivirus 2008 when I clicked a fake setup.exe. I ran my computer in Safe Mode and deleted it from my Program Files, so now I don't see any sign of it. There was a folder with a lot of random letters and numbers that began with the letter "r" that my virusscan found was infected... and I deleted that from both the Local Disk and Registry, too.
The blue screen was harder to get rid of, but after running some scans and deleting some junk, it seems to be gone now. Before, it had disabled the "Desktop" tab in my Properties. Also, after I login to my Windows account, McAfee VirusScan Enterprise kept giving me a message that said something called "blowfish.dll" was removed... it appeared multiple times.
I ran the free version of Ad-Aware 2008 and it detected "Virtumonde" and "Win32.Worm.AutoRun" and removed them.
I also ran Windows Defender, and it found "Trojan:Win32/Vundo.gen!T", that I believe also got removed after I restarted.
With Spybot Search & Destroy, I removed:
22ndStreetComputers.PS3_fraud (contained registry key)
Microsoft.Windows.System (contained two registry changes)
Virtumonde.dll (contained two files and one registry key)
Virtumonde (contained two registry keys) (two of these)
Win32.Banker.aipy.rtk (one file) (two of these)
And I used RegCleaner to get rid of some suspicious-looking things as well.
So... now it appears that everything is back to normal... but I'm not sure if I got everything. There may still be some hidden infections that I don't know about. I looked up one of the trojans, and it said that it can log keystrokes and screenshots that get sent to a hacker site, so now I'm paranoid. :/
Is there anyway I can check and confirm that I actually got rid of everything?
-- Also, I want to take this chance to add that over the past few days, McAfee randomly pops up saying it deleted something called MSFONT.dll. It warns me about that several times a day, and I have no clue why.
Just a second ago, I got a pop up saying Antivirus 2009 needs to scan my computer... but I "x"ed out of it. Also, I got logged out of my Gmail account because it said someone else logged in from the same browser...? Ok, now I'm getting nervous.
Edited by Shokotan, 29 July 2008 - 05:12 PM.