Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bogus System Alerts - How To Get Rid


  • Please log in to reply
11 replies to this topic

#1 Quinny

Quinny

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 16 October 2006 - 07:29 PM

Hi - I'm new here, and like everyone else - help needed please.

I picked up a bogus virus alert program that poppped up with messages saying you have this virus or that trojan horse or whatever - I purchased and ran spyware doctor which appears to have removed the public messenger ver 2.03 program but I'm still getting hit with these alerts - such as system alert: Trojan-Spy.Win32@mx. Whenever I try and go on the internet it takes me automatically to http://isecuritypage.com which I assume is where they try and get you to buy packages to deal with the messages it's popping up.

How can I get rid/ I've run spybot it just found the usual low level (DLOexploit?) type things but still getting these pop ups and directed to the dodgy web site.

Any ideas please?

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:35 PM

Posted 16 October 2006 - 08:48 PM

Welcome to BC Quinny,
First run this
Smitfraud remover
If your problem is still there,but it shouldn't, follow these instructions Preparation Guide for use before posting a HijackThis Log
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Quinny

Quinny
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 17 October 2006 - 05:23 PM

Hey Boopme,

Thanks for the quick response - I tried to run the smitfraud remover, but when I clicked on it i got an error on page, and then couldn't find page, and then Spyware Doctor kicked in and gave me an alert that the PC was trying to connect to a site called idnserror.com which it blocked?

Any clues - I think that smitfraud thing is what I've got on my spyware doctor scan it comes up as Trojan.popuper but smitfraud is another name for it according to the notes. Spyware Doctor says it finds it, quarantines and removes it, but when I log back in...it's still there.

I also seem to have a program file which might be related called HQVideoCodec which has a command called isamonitor.exe, and I think it's that which is hijacking my internet explorer. Another web site advised to run c:\program files\IntCodec\uninst.exe to remove this, but I've put that in the run command line and it won't do anything.

What next do you think?

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:35 PM

Posted 17 October 2006 - 05:33 PM

If your using Win XP or 2000, do this.

First, print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please download, install and update AVG Anti-Spyware 7.5. DO NOT perform a scan yet.
Print out the AVG Anti-Spyware Install-Scan Instructions.

Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet.

Go here and follow the instructions for using SmitfraudFix. You will have to extract the zip file to you Desktop.
(Click here for information on how to do this if not sure. Win 9x/2000 users click here. If you need an unzipping utility, download 7zip (its free).

After using the tool as instructed, reboot again in "SAFE MODE" and double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Then scan with AVG Anti-Spyware 7.5 per the instructions you printed out and reboot normally.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:35 PM

Posted 17 October 2006 - 07:04 PM

Thanks Quietman7 ...
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:35 PM

Posted 18 October 2006 - 04:06 AM

Your welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Quinny

Quinny
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 19 October 2006 - 06:34 PM

Cheers fellas Quietman and Boopme - even though I am a techno novice and have the patience of a gnat, I managed to follow your directions and work through all the fixes....and it seems to have worked - thanks very much.

I have though had since the PC just die suddenly with a blue screen message saying (something like) your system was shutdown because a major error was detected...something like that!!!
Anyway I'll keep an eye on it and come back to pick your brains again if it reoccurs.

Thanks again

Quinny

:thumbsup:

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:35 PM

Posted 19 October 2006 - 06:49 PM

Now that your system is clean you should SET A NEW RESTORE POINT to prevent reinfection from an old restore point. Any malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to set a new RESTORE POINT:
1. Go to Start > Programs > Accessories > System Tools and click "System Restore".
2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
3. Then go to Start > Run and type: Cleanmgr
4. Click "OK".
5. Click the "More Options" Tab.
6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Quinny

Quinny
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 24 October 2006 - 07:32 PM

Hey quietman - I'm having all sorts of problems now - it seems to be a lack of virtual memory issue? It keeps just shutting down windows suddenly saying check disk space - how do i do that? stop error messages vary one e.g. was 0x0000008EW (0xC0000005, 0x805634F2, 0xF7DF9534, 0x00000000) If that means anything to you I'll be well impressed !!

Also in that clean up manager process I seem to have lost my windows internet explorer icon somehow?

Finally - been trying to download Norton Antivirus 2007, had problems 1st extracting files, then managed to do that by deleting all old NAV files including those in temp folders. I thought I was there when it was merrily downloading all the files, then at about 75% downloaded I got "Runtime error!" Programme NAV14.0\NAVSetup.exe application has requested runtime to terminate it in an unusual way contact applications support team"....have you ever tried to contact Symantec support without having to spend a fortune on a phone call?...you probably haven't!! well the live online help thing just doesn't respond after I type in my initial question....maybe it's all symptoms of this lack of memory issue....I don't know but I am losing the will to live at the moment....any ideas would be much appreciated.

Cheers

Quinny

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:35 PM

Posted 25 October 2006 - 06:07 AM

The error 0xC0000005 is generated by an illegal "memory access violation". This can be caused by anything from faulty RAM, an incorrect/corrupt device driver, poorly written/updated software and more commonly under Windows XP Service pack 2, malware/adware installations.

http://www.updatexp.com/0xC0000005.html

That link also indicates NAV caused the with an additional message about a file called SAVRT.SYS.

You may be having problems installing NAV 2007 if you previously used Norton and it was not completely uninstalled. Norton products can be difficult to remove. See the discussion topic "How To Remove Your Norton Products".

To regain your IE icon, simple go C:\Program Files\Internet Explorer, then right-click on iexplore.exe and choose "Send to Desktop" (create shortcut)
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 Quinny

Quinny
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 30 October 2006 - 04:39 AM

Hey Quietman - thanks for that - I eventually managed to load the Norton 2007 version - what a palava!!

Also restored my explorer icon - cheers.

I downloaded and bought the registry mechanic programme - it ran and found a load of fixes, but my PC still seems to be running incredibly slowly (Norton takes an age to start up, and if you are running a few programs at once it can't cope). Any other ideas on freeing up space or improving performance? Maybe I just don't have enough RAM or ROM or whatever dictates the speed - how do I check for this?

Thanks again

Quinny

#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:35 PM

Posted 30 October 2006 - 05:28 AM

A few things you can do to increase performance:

Defrag your system. If your not sure how to do this, then read The Importance of Disk Defragmentation. Then run CHKDSK in "SAFE MODE" and have it repair anything it finds.

Increase performance by doing this:
1. Right click My Computer, choose > Properties > Advanced and click on "Settings" under performance. Then UNcheck all the visual effects, except for the last three. Click "Apply", then "OK", then "OK" again.

2. Right click your desktop and choose > Properties > Appearance > Effects...Uncheck the first two boxes and hit "Okay".

Adding more RAM is a quick fix that can have a dramatic affect on your system's speed and responsiveness. You can check how much RAM you have by going to Start > Program Files > Accessories > System Tools > System Information and look at your System Summary.

If your short on space, clean up your hard drive by removing unused programs and transfer old data, pictures, music files to a CD or an external hard drive.

Check for any unnecessary running services. Use this guide to help fine tune this area: Black Viper's Services Configuration hosted by MajorGeeks for SP1 & SP1a.

Check for any unnecessary applications loading at startup when Windows boots. Many startup programs are not needed and disabling them can save resources and improve performance.

Go to Start > Run and type: msconfig
Click "OK" or press "Enter" and the System Configuration Utility will open.
Go to the Startup Tab, and see what programs are listed.

If you are unsure what any of the startup entries are or if they are safe to disable, then search one of the following Startup Databases:
Startup Programs Database
StartupList Index

Note: MSConfig.exe is a troubleshooting utility used to diagnose system configuration issues. Although it works as a basic startup manager which allows you to enable/disable auto-start programs, msconfig should not be used routinely to disable startup programs.

A better alternative is to use a startup manager. If you have have Spybot S&D 1.4 installed, launch it, go to Mode and select Advanced. Then go to Tools, select System Startups. You will be provided with a list of programs that load when Windows starts. If you untick an entry it will no longer run at startup. This will allow you to experiment and see how your system performs with them disabled. You can always go back and tick any of them to re-enable the startup entry. Other startup managers you can download and use for free are Startup Control Panel, Autoruns and Starter by CodeStuff.

Remove any third party "Memory Manager" or "Optimizer". Windows XP memory management was designed to make the best use of Ram and these memory management utilities defeat that purpose.
They push applications out of RAM into the pagefile, creating holes in the RAM and by doing so,
slow down your computer.

For more suggestions and performance tips read:
"Restore Your Computer's Performance with Windows XP"
"XP Performance Tweaks"
"Performance Boost for XP"
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users