Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"virus Infection" Flashing Banner When Opening Internet Explorer


  • Please log in to reply
17 replies to this topic

#1 cainchu

cainchu

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 01 February 2006 - 04:18 PM

When I try to open Internet Explorer I'm getting a page showing big flashing banner "Virus Infection". Below it appears the following:

"You are infected by Spyware ! Your personal information can be stolen!

Spyware related files may:
Log your internet activity
Get your bank account passwords, and send it through internet
Get your email passwords
Slow down your computer and intenet connection
Delete any files and compromise your Operating System
We advice you immediately to scan your system and terminate all the files and processes that are related to spyware to avoid your system being compromised.

--------------------------------------------------------------------------------

Spyware removal tools: "

I can not get the home page. I can get to sites from my favorite list.
At around the time I noticed it first, I was checking employment sites: SnagAJob, business.com, Guru.com, Monster, QuintCareers. I might have linked to other sites from those sites.

I've scanned with Spybot and Ad-Aware Se, removed whatever was recommended to be removed, restarted the computer, but the pest is still here.

I'm using Windows XP, home edition.

I hope this info is helpful. Please advise.
Thanks,
cainchu.

BC AdBot (Login to Remove)

 


#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:12:04 PM

Posted 01 February 2006 - 04:23 PM

Hi There :thumbsup:

I have read your post and I think it would be wise for you to post a HijackThis log for an expert to review. I bet you are wondering what HijackThis is. Well it's a program that is simply able to show others what's going on inside your computer, in terms of infection etc..

I recommend you follow the HijackThis preparation guide which can be found here. It is important that you follow the guide closely. A number of scans will be run which may well fix your problem.

As the guide says, after you have completed the scans that are recommended, please post your "HijackThis" log in a new topic in the forum found here. Please add your system infomation and also what problems you are having. Please wait for a few days and one of our experts will get onto fixing your computer for you.

David

#3 cainchu

cainchu
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 02 February 2006 - 01:01 PM

Hi David, in McAfee AVERT Stinger, where is the "Auto Clean" box?
Thanks for you assistance, cainchu

#4 cainchu

cainchu
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 02 February 2006 - 01:03 PM

One more question: what directories should I scan with the Stinger?
cainchu.

#5 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:12:04 PM

Posted 02 February 2006 - 01:38 PM

Hi cainchu :thumbsup:

At the moment i cannot seem to access the Stinger's site, so therefore can't help with that query. Please skip that step for now and continue with the rest.

Thanks,
David

#6 cainchu

cainchu
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 02 February 2006 - 03:52 PM

Hi David,
I'm sorry to bother you again. The HijackThis process is not going smooth. I'm in step 7 - Enable or Install Firewall. I tried to download the LabZone one. It prompted me to scan the computer first, which I did, and few problems were found. It prompted me to clean the problems before installing the Firewall. When I tried to run the ZoneAlarm's "Internet Security Suite" an error read that there is Computer Associates Antivirus software on my computer that conflicts with ZoneAlarm Suite, and I should uninstall it first. I ran search for Computer Associates Antivirus but found nothing. I'm not familiar with that name. What do you suggest?
Thanks again,
Cainchu.

#7 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:12:04 PM

Posted 03 February 2006 - 12:19 PM

Hi again, sorry for the delay.

Let's see what you have installed on your computer at the moment:

List programs that can be removed using Windows 'Add or Remove'

This utility "List Installed Programs" will provide a list of installed programs. It is found half way down the page. Click on the little arrow and then the download icon that is on the new window that opens up. You can download the script and run it from your hard disk or run it without downloading.
When asked to enter the PC details - leave it blank and click OK. Ask to view the results and copy the Notepad list. Paste it in a reply to this thread.

David :thumbsup:

#8 cainchu

cainchu
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 03 February 2006 - 07:37 PM

Hi David, Here is the requested info:

INSTALLED SOFTWARE (108) - MICHAEL - 2/3/2006 4:33:10 PM

2Wire Wireless Client
Ad-Aware SE Personal Ver: 1.06
Adobe Acrobat - Reader 6.0.2 Update Ver: 6.0.2 Installed: 2/8/2005
Adobe Acrobat and Reader 6.0.3 Update Ver: 6.0.3 Installed: 2/8/2005
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Download Manager 1.2 (Remove Only)
Adobe Photoshop Album 2.0 Starter Edition Ver: 2.00.100 Installed: 10/5/2004
Adobe Reader 6.0.1 Ver: 006.000.001 Installed: 10/5/2004
AOL Instant Messenger (SM)
BigFix
ClickArt® 40,000 Image Pak
CompuServe
DVD Shrink 3.2
eMachines Bay Reader Ver: 1.07 Installed: 5/5/2004
eMachines Bay Reader Ver: 1.07 Installed: 5/5/2004
ICQ
InCD
Java 2 Runtime Environment, SE v1.4.2 Ver: 1.4.2 Installed: 5/1/2004
Learn2 Player (Uninstall Only)
Lexmark Photo Center Ver: 1.05 Installed: 9/16/2004
Lexmark Photo Center Ver: 1.05 Installed: 9/16/2004
Lexmark Z700-P700 Series
Macromedia Flash Player 8 Ver: 8
Metafile Companion 1.10
Microsoft Data Access Components KB870669
Microsoft Home Publishing 2000 Ver: 4.0.0000 Installed: 9/26/2005
Microsoft Money 2004 Ver: 12.0.50 Installed: 5/1/2004
Microsoft Money 2004 System Pack Ver: 12.0.80 Installed: 5/1/2004
Microsoft Office 2000 Disc 2 Ver: 9.00.2720 Installed: 2/1/2005
Microsoft Office 2000 Professional Ver: 9.00.2720 Installed: 2/1/2005
Microsoft Office PowerPoint Viewer 2003 Ver: 11.0.6366.0 Installed: 10/11/2004
Microsoft Picture It! Photo Premium 9 Ver: 9.0.0.0000
Microsoft Picture It! Photo Premium 9 Ver: 9.0.0.0000 Installed: 5/7/2004
Microsoft Works 7.0 Ver: 07.02.0620 Installed: 5/1/2004
Multimedia Keyboard Driver
Nero OEM
Netscape 6 (6.2.1)
NVIDIA Display Driver
NVIDIA Drivers
NVIDIA Ethernet Driver
NVIDIA nForce Drivers
PowerDVD
QuickTime
RealPlayer Basic
SBC Yahoo! Applications
SBC Yahoo! DSL Home Networking Installer
Security Update for Windows XP (KB883939) Ver: 1 Installed: 6/16/2005
Security Update for Windows XP (KB890046) Ver: 1 Installed: 6/16/2005
Security Update for Windows XP (KB893756) Ver: 1 Installed: 8/11/2005
Security Update for Windows XP (KB896358) Ver: 1 Installed: 6/16/2005
Security Update for Windows XP (KB896422) Ver: 1 Installed: 6/16/2005
Security Update for Windows XP (KB896423) Ver: 1 Installed: 8/11/2005
Security Update for Windows XP (KB896424) Ver: 1 Installed: 11/9/2005
Security Update for Windows XP (KB896428) Ver: 1 Installed: 6/16/2005
Security Update for Windows XP (KB896688) Ver: 1 Installed: 10/16/2005
Security Update for Windows XP (KB899587) Ver: 1 Installed: 8/11/2005
Security Update for Windows XP (KB899588) Ver: 1 Installed: 8/11/2005
Security Update for Windows XP (KB899591) Ver: 1 Installed: 8/11/2005
Security Update for Windows XP (KB900725) Ver: 1 Installed: 10/16/2005
Security Update for Windows XP (KB901017) Ver: 1 Installed: 10/16/2005
Security Update for Windows XP (KB901214) Ver: 1 Installed: 7/14/2005
Security Update for Windows XP (KB902400) Ver: 1 Installed: 10/16/2005
Security Update for Windows XP (KB903235) Ver: 1 Installed: 7/14/2005
Security Update for Windows XP (KB904706) Ver: 1 Installed: 10/16/2005
Security Update for Windows XP (KB905414) Ver: 1 Installed: 10/16/2005
Security Update for Windows XP (KB905749) Ver: 1 Installed: 10/16/2005
Security Update for Windows XP (KB905915) Ver: 1 Installed: 12/17/2005
Security Update for Windows XP (KB908519) Ver: 1 Installed: 1/11/2006
Security Update for Windows XP (KB912919) Ver: 1 Installed: 1/6/2006
Skype 1.4 Ver: 1.4
SoftV92 Data Fax Modem with SmartCP
Spybot - Search & Destroy 1.4 Ver: 1.4
Update for Windows XP (KB894391) Ver: 1 Installed: 8/11/2005
Update for Windows XP (KB896727) Ver: 1 Installed: 8/11/2005
Update for Windows XP (KB898461) Ver: 1 Installed: 6/29/2005
Update for Windows XP (KB910437) Ver: 1 Installed: 12/17/2005
Viewpoint Manager (Remove Only)
Viewpoint Toolbar (Remove Only)
WebFldrs XP Ver: 9.50.6513 Installed: 5/1/2004
Winamp (remove only)
Windows Backup Utility Ver: 5.1 Installed: 5/1/2004
Windows Genuine Advantage v1.3.0254.0 Ver: 1.3.0254.0 Installed: 1/2/2006
Windows Installer 3.1 (KB893803) Ver: 3.1
Windows Installer 3.1 (KB893803) Ver: 3.1
Windows Media Format Runtime
Windows Media Player 10
Windows Movie Maker 2.0 Ver: 2.0.0000 Installed: 5/1/2004
Windows XP Hotfix - KB834707 Ver: 20040929.110854
Windows XP Hotfix - KB867282 Ver: 20050127.090417
Windows XP Hotfix - KB873333 Ver: 20050114.005213
Windows XP Hotfix - KB873339 Ver: 20041117.092459
Windows XP Hotfix - KB885250 Ver: 20050118.202711
Windows XP Hotfix - KB885835 Ver: 20041027.181713
Windows XP Hotfix - KB885836 Ver: 20041028.173203
Windows XP Hotfix - KB886185 Ver: 20041021.090540
Windows XP Hotfix - KB887472 Ver: 20041014.162858
Windows XP Hotfix - KB887742 Ver: 20041103.095002
Windows XP Hotfix - KB888113 Ver: 20041116.131036
Windows XP Hotfix - KB888302 Ver: 20041207.111426
Windows XP Hotfix - KB890047 Ver: 20041221.124506
Windows XP Hotfix - KB890175 Ver: 20041201.233338
Windows XP Hotfix - KB890859 Ver: 1 Installed: 4/14/2005
Windows XP Hotfix - KB890923 Ver: 1 Installed: 4/14/2005
Windows XP Hotfix - KB891781 Ver: 20050110.165439
Windows XP Hotfix - KB893066 Ver: 1 Installed: 4/14/2005
Windows XP Hotfix - KB893086 Ver: 1 Installed: 4/14/2005
Windows XP Service Pack 2 Ver: 20040803.231319
Yahoo! Toolbar

Thanks,
cainchu.

#9 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:12:04 PM

Posted 04 February 2006 - 05:41 AM

Ok, at the moment you have no AntiVirus or a Firewall.

I would recommend Grisofts© AVG or AVAST©. As these are the more secure and better ones.

Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For an article on Firewalls and a listing of some available ones see the link below:
Click here for more information on -> Computer Safety On line - Software Firewalls
I would recommend ZoneAlarm© as a firewall as it's easy to use. But for a more secure firewall, Sunbelts Kerio© is the one.
If you try to install one of the firewalls and it doesn't work, try another one :thumbsup:

Let me know how it goes.
David

#10 cainchu

cainchu
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 11 February 2006 - 09:47 PM

Hi David,
I'm sorry Idid not respond earlier. There was an emergency I had to attend to. However, upon my return home I found to my dismay that Internet Explorer home page now included porno photos . My daughter is occasionally using this computer as well. I've restored the original home page by going into 'Control Panel', > ‘Internet Options’ > General Tab > Home Page > I’ve deleted the address of the home page that was there and typed in the original home page address. This way I've eliminated that problem.
Prior to my trip I've installed the ZoneAlarm firewall and Avast AntiVirus. What should be the next step?
Please advise. Thanks for your help.
cainchu.

#11 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:12:04 PM

Posted 12 February 2006 - 03:50 AM

Hi cainchu

No worries about the delay; i hope nothing bad happened in your emergency. So far you've done really well, only a short bit to do to get the HijackThis log posted. Continue from step 9 (:thumbsup:) in the HijackThis preparation guide, which can be found here:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

David

#12 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:07:04 AM

Posted 13 February 2006 - 05:21 AM

cainchu

I have split your HJT log away from this thread and moved it into the HJT forum here.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#13 cainchu

cainchu
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 15 February 2006 - 12:59 PM

Hi,

Please advise what is the next step.

Thanks,
cainchu

#14 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:12:04 PM

Posted 15 February 2006 - 01:11 PM

Please be patient, and a HJT team member will help you to clean up your system. Your topic can be found here:
http://www.bleepingcomputer.com/forums/t/44033/virus-infection-flashing-banner-when-opening-internet-explorer/

David

#15 cainchu

cainchu
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 15 February 2006 - 01:55 PM

Hi David,
Thanks for your response. I just did not know what's going to be the next step.
Best regards,
cainchu.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users