Going mad!!!!

Secure Home | Search | About

Lost Password?

Microsoft Antivirus Discussions

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Going mad!!!!

Carlitos

12-29-2006

Malke

David H. Lipman

Posted by =?Utf-8?B?Q2FybGl0b3M=?= on December 29, 2006, 9:51 am

If you were Registered and logged in, you could reply and use other advanced thread options

I keep getting this message, saying system alert, when I click it, I have a
new page tryng to sell me this software, How ca I get rid of it?
Thanks.
Carlos

Attention! Your system is currently vulnerable to computer attacks. Remote
intruders can gain access to following files and folders on your PC:
- \Windows\System32
- \Program Files\Internet Explorer
- \My Documents
- Drive C:\ files
To enhance the security on your PC Download and run Intrusion Detection
System (IDS software)

Posted by Malke on December 29, 2006, 10:44 am

If you were Registered and logged in, you could reply and use other advanced thread options

Carlitos wrote:

> I keep getting this message, saying system alert, when I click it, I have

> a new page tryng to sell me this software, How ca I get rid of it?

> Thanks.

> Carlos

> Attention! Your system is currently vulnerable to computer attacks. Remote

> intruders can gain access to following files and folders on your PC:

> - \Windows\System32

> - \Program Files\Internet Explorer

> - \My Documents

> - Drive C:\ files

> To enhance the security on your PC Download and run Intrusion Detection

> System (IDS software)

Your computer is infected with some variant of the Smitfraud trojan. Go
through the preparatory steps here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Then do the specific removal steps here:
http://www.elephantboycomputers.com/page2.html#Smitfraud_Trojan

Include scanning with either Sysclean or Multi_AV, plus AVG Anti-Spyware
(formerly Ewido - http://www.ewido.net/en/) and follow instructions to do
all scans in Safe Mode.

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the link above (not here, please).

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a professional computer repair
shop (not your local version of BigStoreUSA). The only alternative to going
through the malware removal tediously and systematically, probably with
online help from an HJT forum, and taking the machine to a real
professional is to back up your data and do a clean install of Windows.
It's your call. Please be aware that not all local shops are skilled at
removing malware and even if they are, your computer may be so infested
that Windows will need to be clean-installed. Have all your data backed up
before you take the machine into a shop.

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

Posted by David H. Lipman on December 29, 2006, 2:55 pm

If you were Registered and logged in, you could reply and use other advanced thread options

| I keep getting this message, saying system alert, when I click it, I have a
| new page tryng to sell me this software, How ca I get rid of it?
| Thanks.
| Carlos

| Attention! Your system is currently vulnerable to computer attacks. Remote
| intruders can gain access to following files and folders on your PC:
| - \Windows\System32
| - \Program Files\Internet Explorer
| - \My Documents
| - Drive C:\ files
| To enhance the security on your PC Download and run Intrusion Detection
| System (IDS software)

Two part reply..

Perform Part 1 then perform Part 2.

If the first two parts don't work, perform the alternate section.

It is suggested that you execute each tool in Normal Mode then in Safe Mode.

Part 1
-----------

Use noahdfear's SmitFraud, SpyAxe, SpyFalcon, et. al., removal tool --
SmitRem.exe
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1

http://www.bleepingcomputer.com/forums/topic43659.html

Part 2
-----------

Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\Normal_ScanReport.HTML or
C:\mcafee\Safe_ScanReport.HTML will be generated. At the end of the scan, it
will be
displayed in your browser (Opera, FireFox or Internet Explorer). However, if
you are using
WinXP, Win2K or Win2003 your system will be left in a state where you will have
to manually
shutdown/reboot the PC. On Win9x/ME platforms the report will not be shown in
your bowser
but your PC will automatically be shutdown. It is suggested that you move the
report out of
c:\mcafee before performing another scan.

It would be best to scan in both Safe Mode and in Normal Mode and save a copy of
the HTML
report for each session.

ALTERNATE:

S!ri's SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php

Please Copy and Paste the contents of the HTML Log files;
C:\mcafee\Normal_ScanReport.HTML & C:\mcafee\Safe_ScanReport.HTML in your reply.

* * * Please report back your results * * *

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

The site map in XML format XML site map