"Your computer is infected!" popup

[Jack Vail]

this is an error message on my wife's computer so I am not 100% clear on the
sequence of events that gave rise to this popup. Here are the machine config
details: running Windows XP SP3, IE7. Using PC-cillin Internet Security
2007. Also, this problem seemed to start after she upgraded to IE7 - one
thing I noticed is that the homepage for IE was changed to google.com.

Here is what I am seeing: A popup arising from an icon (a red circle with a
white x) in the task tray indicating that the computer has a spyware
infection. I suspect this popup is not generated by a Microsoft
product/service because there is a spelling error in the body of the error
message: "It recommended you use special antispyware tools to *pervent* data
loss." (*'s added by me). I am not able to right click on the icon to
display properties tab or shortcut menu.

I ran PC-cillin and removed any spyware and/or trojan horse infections.
(note that the trojan horse infections were quarantined - the AV software was
not able to delete the infected files. However, the popup still appears.

I searched through the KB but no luck. Any thoughts? Sorry for the long
post. Thanks.

 

[John Barnett MVP]

Don't click on anything to do with the pop up. Download Malwarebytes Anti
Malware (free) www.malwarebytes.org and run that to see if it picks up the
spyware/malware and removes it.

On noticing that your home page has been changed to something else it may be
that your system has been hijacked by the spyware/malware. To diagnose the
problem you will need to download a free application called hijackthis
http://www.majorgeeks.com/download5554.html

This generates an in-depth report of the registry but needs someone who
knows what they are looking for to interpret it. You should be able to post
your hijackthis log here http://forum.aumha.org/viewforum.php?f=30 and
someone may be able to interpret it for you to see if any spyware/malware
has infiltrated the registry.

However, try the malwarebytes application first to see if it finds anything.


--

--
John Barnett MVP
Windows XP Associate Expert
Windows Desktop Experience

Web: http://xphelpandsupport.mvps.org
Web: http://vistasupport.mvps.org
Web: http://www.silversurfer-guide.com

The information in this mail/post is supplied "as is". No warranty of any
kind, either expressed or implied, is made in relation to the accuracy,
reliability or content of this mail/post. The Author shall not be liable for
any direct, indirect, incidental or consequential damages arising out of the
use of, or inability to use, information or opinions expressed in this
mail/post..

 

[Jack Vail]

Thanks for the info John. I am in the process of running the malwarebytes
service right now. Regarding your good advice not to click on the popup
we're way too far down that path at this point. I am assuming that this
doesn't change your advice but on the chance that it does just let me know!
Thanks again.

John

 

[Mick Murphy]

Download, install and update these 2 programs.
Scan your System in Safe mode, if necessary, to remove problems.
All info below.

http://www.spybot.info/en/index.html

Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program.
Download, install, update, and immunize your System with it.
Then SCAN with it.
Update it, and scan your System once a fortnight.

http://www.malwarebytes.org/mbam.php

Malwarebytes is as the name says, a Malware Remover!
For the Free version scroll down their page to either download from
Download.com, or Major Geeks.com

Download, install, and update.

Important re: Safe Mode
If you happen to find a problem that you can’t uninstall / delete, reboot
the computer, and go into Safe Mode.
To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow
key to get to Safe Mode from list of options, then hit ENTER.
RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D
while in Safe Mode.