1. Attention: We have put together a thread with tips and a tutorial video to help with using the new software. Please take a moment to check out the thread here: Trapshooters.com Tutorial & Help Video.
    Dismiss Notice

computer problem

Discussion in 'Uncategorized Threads' started by WATRDOG, Feb 12, 2008.

Thread Status:
Not open for further replies.
  1. WATRDOG

    WATRDOG TS Member

    Joined:
    Jan 29, 1998
    Messages:
    38
    I booted up my computer this mourning and I have a system error message coming up. It says system error! your system is infected by a unknown trojan it's dangerous for your system. click to download the antispyware program to clean your system(recommended) I tried 2 diffrent system scans(windows defender and macafee both didn't find any trojans. I don't think I should download the spyware should I? This box is annoying and keeps coming up! Thanks for your help. Bill
     
  2. whiz white

    whiz white Strong Supporter of Trapshooting Banned

    Joined:
    Jan 29, 1998
    Messages:
    4,771
    Location:
    Rapid City SD
    Do NOT download the suggested anti-spyware program. That is the intent of the entire response; getting you to download and purchase their software. Once you download it, you are stuck with all the problems associated with spy-ware.

    DO THIS: Click the above link and run Trend Micro's HOUSECALL. Click the <Bold=on>"Scan Now. It's Free!"</Bold=off> link. Sounds like you go into a site that put that pop-up on your system.

    HOUSECALL will detect and clean viruses, Trojans, worms, malware, etc. It does not prevent them, it only cleans your system. It will take a while, so plan for that.

    I am a certified reseller of AVG anti-virus software, but I still like Trend Micro's Internet Security better. AVG may be rated higher, but it consumes a TON of resident memory to operate, hence my linking of T/M's PC-cillin.

    I have had several customer's computers here in the shop with the same problem you are experiencing, and each time they downloaded the suggested software. In the end their systems were so corrupted with needless and wasteful "A/V" programs, that it was just easier to do a FDISK and REFORMAT.

    Hope this helps you out.

    Whiz
     
  3. snap

    snap TS Member

    Joined:
    Jan 29, 1998
    Messages:
    4
    Don't download their fix....you just agree to their terms and conditions for one of the worst spywares out there.This spyware will need a special removal tool. The link at the top willtake you to a page....about a 1/3 of the way down you will see a link ....Primary Link: SmitfraudFix (by S!Ri)....down load it and extract it where you can find it.In control panel go to internet options then delete temp files and cookies then empty the recycle bin.

    Reboot your computer begin tapping the f8 key you will get a menu that will let you boot into safe mode (monitor looks real grainy)then run the smitfraud tool and follow instuctions.

    There are some infections that require more. You can poke around the web page that had the download and you might learn more

    I hope this helps !
    Mark
     
  4. slowdp

    slowdp TS Member

    Joined:
    May 7, 2007
    Messages:
    779
    I just went through the same thing. A downloader named Outerinfo got into two at the shop and it downloaded several others. It sounds like you have Vundo as well. Get a copy of SuperAntiSpyware.com (search web or go to geekstogo.com) and run that to start with. There is also a vundofix.exe that will work. You probably have Smitfraud as well. Do not click on any of those popups. Things will get worse. Take the x's out and contact me at the above email with other questions.

    By the way - if you have what I think, it will be your worse nightmare. Consider wiping the disk and starting over or plan on spending 2 to 4 days cleaning.
     
  5. snap

    snap TS Member

    Joined:
    Jan 29, 1998
    Messages:
    4
    http://forums.majorgeeks.com/showthread.php?t=74265

    sorry the link didn't show

    Whiz has good easy advise...I'v found that Trend Micro will not always find this one. Try it first because it's easiest.
     
  6. Frank C

    Frank C Well-Known Member

    Joined:
    Jan 29, 1998
    Messages:
    2,866
    My daughter has an "Awola Spyware" issue popup, took my buddy who is an IT professional a day to get rid of it.....
     
  7. eagles11

    eagles11 TS Member

    Joined:
    May 26, 2007
    Messages:
    144
    Whiz,

    I get a "runtime error" on Outlook Express and then it kicks me out of the program. I can reboot the computer and it works fine for a while then I get it again.

    ??????????

    Jack Burch
     
  8. Jerbear

    Jerbear TS Member

    Joined:
    Jan 29, 1998
    Messages:
    3,588
    Waterdog, follow Whiz's instructions and after that, go to the above site and see if your system is clean. You probably have gotten that pop up from an "drive by" which means you were on a site and your version if IE is not secure. You must secure your browser,go to tools and options and then privacy, now click on Advance and make sure these three things have a check or tic. Override automatic cookie handling, Allow first part cookies, Block third party cookies, Always allow for seeion cookies.Ok out.

    Download Spybot search & Destroy and update it, now go to immunize and run that until the first column is all 0's. Now run the program to find any bots and Trojans and fix any it finds. You may be asked to run it after a reboot because some spyware is running in memory and can't be removed until a reboot do so.

    You will find the latest S&D here... http://www.xteq.de/index2.php

    Copy and paste it into your address bar and download it from that page.

    Let us know how you fare.

    Jerbear
     
  9. Jerbear

    Jerbear TS Member

    Joined:
    Jan 29, 1998
    Messages:
    3,588
    eagles11, what's the error? need more information, what operating system, outlook express version- can be found when opened go to help and down to about. that will show you the version. The most important thing is and Whiz will tell you this as well

    MAKE SURE YOUR WINDOWS PATCHES ARE ALL UP TO DATE !!!!!!!!!!!!!!!!!!!!!!!!


    If you are not sure in Internet Explorer go up to tools and windows update. Update all critical patches and if you don't want IE7.0 you don't have to download it, just go to custom download and uncheck the box.
     
  10. slowdp

    slowdp TS Member

    Joined:
    May 7, 2007
    Messages:
    779
    Everyone using Microsoft IE - switch now to Mozilla Firefox - it is free and a lot safer! Get it here http://www.mozilla.com/en-US/firefox/
     
  11. eagles11

    eagles11 TS Member

    Joined:
    May 26, 2007
    Messages:
    144
    "Runtime Error" That is all it says except that it will close the program. Windows XP, Outlook Express version 6. My system is updated EACH DAY.

    Thanks,

    Jack Burch
     
  12. WATRDOG

    WATRDOG TS Member

    Joined:
    Jan 29, 1998
    Messages:
    38
    Whiz, thank you for the help. But it didn't clean it up found a virus but couldn't get rid of it? Jerbear I tried to do the infectedornot but wouldn't let me down load the program that frigen box comes up and frezzes it up.I went to the xteg thing says I have a virus. and it came up you tube porn? Thanks to my kid looks like? What do I do now? I'm getting mad and ready to take a hammer to the whole thing!Thanks for the help guys. Bill
     
  13. Hauxfan

    Hauxfan Well-Known Member

    Joined:
    Jan 29, 1998
    Messages:
    5,083
    Watrdog, you might have to have a pro look at it.

    Good Luck!

    Hauxfan!
     
  14. slowdp

    slowdp TS Member

    Joined:
    May 7, 2007
    Messages:
    779
    Go here for the smitfraudfix file and run it. Do it like the instructions state. http://www.bleepingcomputer.com/files/smitfraudfix.php

    Then go here to get the vundo fix
    http://www.atribune.org/downloads/VundoFix.exe

    next download and run
    http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

    READ the instructions. Go to www.geekstogo.com. Create a login - free. Search for the above for more instructions. When the above programs are run you should be clean enough to run hijackthis.exe. Download and run it and follow the instructions on geekstogo as to how to post the log. Someone will help you.

    Bleepingcomputer.com and majorgeeks.com are other sources of help.

    All of the above programs are safe. Search the web for their names if you are not sure. You man have to go to safe mode with networking to get the downloads. Some virus programs will not let you download the fixes.

    Superantispyware.com is also very good. Go here to get it.
     
  15. halfmile

    halfmile Well-Known Member

    Joined:
    Jan 29, 1998
    Messages:
    15,642
    Location:
    Green Bay Wisconsin
    I just got rid of one called Virus Heat. It gave warnings on some phony malware that wasn't there and urged me to buy the program.

    It parked in my hard drive and would not leave till I blasted it out with "Hijack this!" also from Trend Micro, be very careful with it as it is deadly. Whatever you select will be blasted to oblivion, and if you do the wrong thing you can make a mess.

    Any of these leech programs can be checked with your search engine. Wikipedia has lots of info on the malwares to, just put the name in.

    Don't download anything uninvited, just as you don't buy unsolicited goods.

    HM
     
  16. slowdp

    slowdp TS Member

    Joined:
    May 7, 2007
    Messages:
    779
    The only safe way to close those popups is to hit [Ctlr]-[Alt]-[Del] - run taskmgr - select "applications" tab - and close the application using the "end process" button. Closing it any other way can still run something before it closes. Some of the virus writers take control of the pc to the point that taskmgr will not run. I wonder how the virus writer would like a virus from a 45. I think they call that the lead poison virus.

    Still run superantispyware.com. It will detect a lot.

    I wasted 4 days last week cleaning machines in the office. That is the first problem we have had in several years.

    Right now there is a virus spreading in .vcf files. Be careful opening v-cards from people you do not know.
     
  17. whiz white

    whiz white Strong Supporter of Trapshooting Banned

    Joined:
    Jan 29, 1998
    Messages:
    4,771
    Location:
    Rapid City SD
    EAGLES11: Sounds like something's a-miss in IE.

    I would reboot, and as the computer is in the CMOS boot-up screen, press and hold down the [F8] key to force the computer into Safe Mode.

    When you get into Safe Mode, select Safe Mode with NETWORKING.

    Once you are in the Safe Mode ugly screen, see if you can open your browser, in your case, IE.0. If you can, then head over to http://www.trendmicro.com, and run House Call again. If you can't, you may have to run a Windows reinstall UPGRADE/REPAIR.

    You could have a resident problem program running in RAM. There is also another way to finish this up, but I refrain from telling anyone to stop Restore from running. First, let HOUSECALL see if it finds anything more.

    JERBER, above, suggests another site I've not used, but he it pretty computer literate, so you may want to try that site. The site is: http://www.infectedornot.com/

    Reboot when done, so you can get to your normal boot-up.

    If everything gets fixed, then I'd up your browser to IE7.0.

    Whiz
     
  18. Jerbear

    Jerbear TS Member

    Joined:
    Jan 29, 1998
    Messages:
    3,588
    Waterdog go to the link and follow my instructions 8 post up. Spybot may find it and kill it. Don't format just yet.

    Jerbear
     
  19. WATRDOG

    WATRDOG TS Member

    Joined:
    Jan 29, 1998
    Messages:
    38
    Jerbear and whiz, and everybody else that helped. I think I may have gotten the bugger? I downloaded the spybot paid the money and cleaned and cleaned. Hopefully this takes care of it? And a good butt chewing for my son! LOL I'd never have done anything like that when I was his age? LOL Thanks again for all the help guys I know this wasn't about 71/2's or 8's but it's all good. Bill
     
Thread Status:
Not open for further replies.