help, virus.

i keep getting a popup saying a win32 document or w.e it says that i can track and steal my information when using payment options, i got it when my mom was using the computer and she was clicking random things, looks like shes never using it again.

but how may i get rid of this, i have norton internet security 2008, and on the popup it says "protect" so i clicked it and it led me to this site.

http://www.defender-review.com/?a=111


what can i do to get rid of it fully?
i cant detect it in any internet scans, and i can figure out how to use norton to get rid of it

 

o well would a admin/mod move it?

but i seriously need help i just got this computer on christmas

EDIT: thanks for movie it to the right section.
i just finished running a scan, for norton internet security 08 and it said i have no threats, but i know i do since it pops up still, anyone have a solution? and my hp total care advisor "PC health" isnt installing, i install everything it says to install from the hp site, and its not showing up, saying i need to install hp health check

 

Check this out mate ,

http://www.bleepingcomputer.com/malware-removal/remove-perfect-defender-2009

this is well known Malware , here is manual method if the above doesn't work

Note : Always have a backup when working with registry

1. Add defender-review.com to your restricted sites in IE or Block it using your firewall

2. Remove these registry entries

Code:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PDefender
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Perfect Defender 2009"

3. and remove Perfect Defender 2009 processes:
pdfndr.exe
pdmonitor.exe
UnInstall.exe

4.Detect and delete other Perfect Defender 2009 files:
c:\Program Files\Perfect Defender 2009\dbbase.div
c:\Program Files\Perfect Defender 2009\pd.dll
c:\Program Files\Perfect Defender 2009\pdfndr.exe
c:\Program Files\Perfect Defender 2009\pdmonitor.exe
c:\Program Files\Perfect Defender 2009\UnInstall.exe

 

i dont even have perfect defender.....sorry. i have no clue on what your telling me to do, and i dont even know what type of virus it is.

 

Just follow the link mate and perfect defender is responsible for all your popups and redirects

 

but but i dont have perfect defender on my comp, sorry im new to this, usually i have zone alarm delete everything for me, and it just does and it goes away. but windows firewall keeps bringing the popup up again and again.

 

could you post a screenshot mate , that should he us identify your problem better

 

try this program:

http://siri.geekstogo.com/SmitfraudFix.php

the defender pro is a variant of the anitvirus 2009 and smit should remove it..

download it. extract it to a folder where you know where to find it. open the smitfraudfix.exe and choose 1 to scan and then from the list choose clean. then clean the registry when done with ccleaner (download also) you will see the options on the list. if running vista make sure to run with admin rights

 

yes i will try to get a screen shot, i already pressed prnt sc and it didnt take a screen shot when i tried to paste in paint, next time it pops up ill take one, but i think its gone, cause it stopped poping up since last time (about 10 minutes ago) but probably not

 

uh for some reason i cant take screen shots, im pressing "insert" which says "prt sc" which is print screen right? but its not letting me paste the screenshot in paint... but it says in the header like window popup

Windows Firewall has blocked some featrues of this program

Name: Win32.Zafi.B
Risk Level: High
Description: This trojan has keyboard logging function, chich is intended to steal information from users of a range of online payment systems

 

Try this for taking screenshots

http://graphicssoft.about.com/od/screencapture/p/cropper.htm

and also try the tool given by zfactor

 

well i just exited the window, once it pops up once more ill see if i can use that, but how do i access the windows firewall control panel? but here is what the window says anyways

Windows Firewall has blocked some featrues of this program

Name: Win32.Zafi.B
Risk Level: High
Description: This trojan has keyboard logging function, chich is intended to steal information from users of a range of online payment systems

 

Seriously, download and install Malwarebytes from the original link posted by vinumsv in post #3. I've used that utility on a number of machines infected with a variety of spyware/malware and I can recall only one incidence of it not thoroughly cleaning it up. And SmitFraudFix worked for that one.

 

Check this out for XP

http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx

and For Vista

http://www.vista4beginners.com/Windows-Firewall

 

why i recc smitfraudfix right from the start

have you ran smit yet? im telling you to try try it you may be suprsied if you have not used it yet

 

This alert is a fake alert. It is not a message from the Windows Firewall. The malware file, which is popping up the alert dialog, is located here "C:\Documents and Settings\YOURUSERNAME\Application Data\Google\ocboo1892823.exe"

You can find additional information and removal instructions here:
http://www.freefixer.com/blog/what-is-going-on-2009/

 

WOT (Firefox extension) flagged your website. It's probably best not to post, like that.

 

1st post, awesome job. Or is it?

 

Probably flagged it because the server on which it resides has been used to host at least 6 sites that were pushing hidden malware, at least according to Google safe browsing; the website itself, however, appears to be clean, according to google.

 

Meaning...????

 

Hi,
Try installing free version of superantispyware and update the definition database, n scan your pc.
Download free version from here

http://www.superantispyware.com/download.html

it will fix. Also its better to use Norton anti-virus 2008/2009 rather than internet security.
download norton antivirus 2009 a 15 day trial from below n scan ur pc from it, it will fix your prob
http://www.softpedia.com/get/Antivirus/Norton-AntiVirus-Final.shtml