Re: I worm_attck v122.02a
- From: markandsarah <markandsarah.286fjy@xxxxxxxxxxxx>
- Date: Sun, 21 May 2006 21:46:27 +0100
David H. Lipman Wrote:
From: "Richard Bentley" symballein@xxxxxxxxxxxx
| As the subject title says, I think I have a worm/spyware that I can't
delete
| using the new windows defender.
|
| Do you know a really easy way of deleting the spyware?
|
| I'm at the end of my witts with this infection.
| As far as I know it's a scam to get me to buy an adware programme to
remove
| the annoiance!!!
|
| I found an article explaining how to remove the worm,
| but failed to follow the instructions.
|
| Please help.
|
Two part reply..
Perform Part 1 then perform Part 2.
If the first two parts don't work, perform the alternate section.
It is suggested that you execute each tool in Normal Mode then in Safe
Mode.
If you are using any version of Sun Java that is prior to JRE Version
5.0,
then you are strongly urged to remove any/all versions that are prior
to JRE
Version 5.0. There are vulnerabilities in them and they are actively
being exploited.
Therefore, it is highly suggested that if there are any prior versions
of Sun Java
to Version 5 on the PC that they be removed and Sun Java JRE Version
5.0 Update 6
be installed ASAP.
Simple check, look under...
C:\Program Files\Java
The only folder under that folder should be the latest version...
C:\Program Files\Java\jre1.5.0_06
http://www.java.com/en/download/manual.jsp
Part 1
-----------
Use noahdfear's SmitFraud, SpyAxe, SpyFalcon, et. al., removal tool --
SmitRem.exe
http://tinyurl.com/95tzv
http://www.bleepingcomputer.com/forums/topic43659.html
Part 2
-----------
Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe
Execute; SmitFraud.exe { Note: You must accept the default of
C:\McAfee }
Choose; Unzip
Choose; Close
NOTE: You may have to disable your software FireWall or allow WGET.EXE
to go through your
FireWall to enable WGET.EXE to download the needed McAfee related
files.
Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }
A final report in HTML format called C:\mcafee\Normal_ScanReport.HTML
or
C:\mcafee\Safe_ScanReport.HTML will be generated. At the end of the
scan, it will be
displayed in your browser (Opera, FireFox or Internet Explorer).
However, if you are using
WinXP, Win2K or Win2003 your system will be left in a state where you
will have to manually
shutdown/reboot the PC. On Win9x/ME platforms the report will not be
shown in your bowser
but your PC will automatically be shutdown. It is suggested that you
move the report out of
c:\mcafee before performing another scan.
It would be best to scan in both Safe Mode and in Normal Mode and save
a copy of the HTML
report for each session.
ALTERNATE:
Part 1
-----------
Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal
tool.
http://secured2k.home.comcast.net/tools/AntiPuper.exe
http://forums.mcafeehelp.com/viewtopic.php?t=65072
Part 2
-----------
S!ri's SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
Please Copy and Paste the contents of the HTML Log files;
C:\mcafee\Normal_ScanReport.HTML & C:\mcafee\Safe_ScanReport.HTML in
your reply.
* * * Please report back your results * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
Had this same annoying virus. followed your links and (touch wood) it
has worked like a dream! Thank you.
--
markandsarah
.
- Follow-Ups:
- Re: I worm_attck v122.02a
- From: David H. Lipman
- Re: I worm_attck v122.02a
- References:
- I worm_attck v122.02a
- From: Richard Bentley
- Re: I worm_attck v122.02a
- From: David H. Lipman
- I worm_attck v122.02a
- Prev by Date: Re: Autoplay problem
- Next by Date: Re: After long inactivity, puter won't respond
- Previous by thread: Re: I worm_attck v122.02a
- Next by thread: Re: I worm_attck v122.02a
- Index(es):
Relevant Pages
|
