Re: virus problem... not sure



From: "andrew" <andrew@xxxxxxxxxxxxxxxxxxxxxxxxx>

| My computer was infected with Spyware Quake, which I could not get rid of
| until I used a free McAfee dl which went through and seemed to get rid of
| it.... and my computer was fine for about 10 min. Then I got a virus alert in
| the lower rh corner stating critical system error! My homepage is now an
| antivirus page and I get various other popups stating my comp is infected.
| Spyware Quake is gone but I've got all these other things now. Also I tried to
| run smitrem on my computer before, but when I restarted in safe mode, smitrem
| was no longer on my desktop... don't know if the two are connected. Any ideas?
| Thanks.


Two part reply..

Perform Part 1 then perform Part 2.

If the first two parts don't work, perform the alternate utility.

It is suggested that you execute each tool in Normal Mode then in Safe Mode.

If you are using any version of Sun Java that is prior to JRE Version 5.0,
then you are strongly urged to remove any/all versions that are prior to JRE
Version 5.0. There are vulnerabilities in them and they are actively being exploited.
It is possible that is how you got infected with malware.

Therefore, it is highly suggested that if there are any prior versions of Sun Java
to Version 5 on the PC that they be removed and Sun Java JRE Version 5.0 Update 6
be installed ASAP.

http://www.java.com/en/download/manual.jsp



Part 1
-----------

Use noahdfear's SmitFraud, SpyAxe, SpyFalcon, et al., removal tool -- SmitRem.exe
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1

http://www.bleepingcomputer.com/forums/topic43659.html


Part 2
-----------

Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\Normal_ScanReport.HTML or
C:\mcafee\Safe_ScanReport.HTML will be generated. At the end of the scan, it will be
displayed in your browser (Opera, FireFox or Internet Explorer). However, if you are using
WinXP, Win2K or Win2003 your system will be left in a state where you will have to manually
shut down/reboot the PC. On Win9x/ME platforms the report will not be shown in your browser
but your PC will automatically be shut down. It is suggested that you move the report out of
c:\mcafee before performing another scan.

It would be best to scan in both Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.


ALTERNATE:

Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal tool.

http://secured2k.home.comcast.net/tools/AntiPuper.exe

http://forums.mcafeehelp.com/viewtopic.php?t=65072


Please Copy and Paste the contents of the HTML Log files;
C:\mcafee\Normal_ScanReport.HTML & C:\mcafee\Safe_ScanReport.HTML in your reply.

* * * Please report back your results * * *

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
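
The Java advice in the reply above, as an added example that is not part of the original post: a PowerShell check that lists installed Sun JRE versions and marks those older than JRE 5.0 for removal. The function names are hypothetical, the registry paths are the standard Sun JRE locations (an assumption, they are not given in the post), and treating 5.0 builds below Update 6 as "update" is this example's reading of the advice.

```powershell
# Added example, not from the original post. Function names are hypothetical.
# Sun JRE installs register one subkey per version (e.g. 1.4.2_08, 1.5.0_06).
# JRE 5.0 is internal version 1.5.0, so 5.0 Update 6 is 1.5.0_06.

function ConvertTo-JreVersion {
    param([string]$Name)
    # Family keys such as "1.5" have no patch component and are skipped.
    if ($Name -notmatch '^(\d+)\.(\d+)\.(\d+)(?:_(\d+))?$') { return $null }
    # The "_NN" update suffix is optional; treat a missing suffix as update 0.
    $update = if ($Matches[4]) { [int]$Matches[4] } else { 0 }
    [version]("{0}.{1}.{2}.{3}" -f $Matches[1], $Matches[2], $Matches[3], $update)
}

function Get-JreFinding {
    param([string[]]$KeyNames)
    $minimum = [version]'1.5.0.0'   # JRE 5.0: anything older should be removed
    $target  = [version]'1.5.0.6'   # JRE 5.0 Update 6: the version to install
    foreach ($name in $KeyNames) {
        $v = ConvertTo-JreVersion $name
        if (-not $v) { continue }
        $action = if ($v -lt $minimum) { 'remove' }
                  elseif ($v -lt $target) { 'update' }   # assumption, see lead-in
                  else { 'ok' }
        [pscustomobject]@{ Installed = $name; Action = $action }
    }
}

# Assumed standard registry locations (native and 32-bit-on-64-bit views).
$roots = 'HKLM:\SOFTWARE\JavaSoft\Java Runtime Environment',
         'HKLM:\SOFTWARE\Wow6432Node\JavaSoft\Java Runtime Environment'
$names = @(Get-ChildItem -Path $roots -ErrorAction SilentlyContinue |
           ForEach-Object { $_.PSChildName })

if ($names.Count -eq 0) {
    # Constructed sample so the script shows output on a machine without Sun Java.
    $names = '1.4.2_08', '1.5', '1.5.0_04', '1.5.0_06'
}

Get-JreFinding $names | Format-Table -AutoSize
```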

