Do not try online banking or using cards online until fixed, most trojans have keyloggers.

This was the original post from bleepingcomputer:
I am at my wits end. Tried Spy Bot, Ad-Aware, Zone Alarm, Norton Anti-Virus and nothing is helping with the hijacked homepage, pop-ups and System Alert: Trojan-Spy.Win32@mx with the yellow triangle warning sign on the bar. Can some one help, please?!


Try this:
Download SmitfraudFix.exe from here and save it to your desktop

http://www.bleepingcomputer.com/files/smitfraudfix.php

You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".


The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows.

No guarantees that this will fix the problem but I do think its your best bet (it worked for the guy who sent in the question)

Good luck

I would suggest refraining from doing anything remotely tied in with personel info on the puter,just the slightest hint of a password could get you in trouble with trojans on your puter,it happened to me with just innocently putting password for just my email with personel stuff on it

hope i arnt saying this too soon but it looks like you could have done me good scotfan....watch this space

nope not all gone got this one still

System alert:maleware threats

your pc MIGHT be infected with a backdoor trojan that allows remote attacker to perform malicious actions

emphasise on the word might,could this just be an advertising thingy

Try this Si - I've been using it for years and its not bad and free to boot!

http://www.avast.com/

Move your mouse to free software at the top and then download "avast! HOME EDITION" and try that.

Good Luck!!

:sleighride:


PS I wouldn't put Norton on my PC if they paid me...

Sometimes you can get these messages that ask you to do a Free system scan with their product, then you scan and they come up with a list of threats they have found on your comp. Then they say you cannot delete the little buggas until you sign up for their full version, then they infect you with trojans etc etc.

Best if you can identify who or what program is giving you these alerts. Sometimes it sounds like a legit spyware removal prog. Never click on for free spyware tests. This is how these things can start. Once you clean some of this shit up, always go to Control panel, ..Add / remove progs and look to see if theres anything you dont recognise or like, and delete it. Sometimes go into your Prog Files and look for folders still left lingering with small traces of shit after it has supposedly been removed and manually delete.

Looks like your making progress anyway,...sometimes this takes a while and you may need seveal attempts and tools, but its better that losing all your shit on a new install. Unlesss of course its only photos and stuff which you can back up to disk and then reload.

Exactly that. You must still have a registry entry giving you a popup to a "free" spyware program which is trying to con you out of cash better spent in a bar in Patts. Run ALL the legit antispyware progs I suggested and see if they can at least identify what you may or may not still have. Let me know and I should be able to find the removal tool.

a new development

none of the scans have worked that avast was ok but scared the hell out of me when it was warning me about an attempted attack,it was almost like being on a warship.

Ive now tried something new, i was using my standard packard bell browser before and everytime i logged on pop ups about spyware and maleware were rife,and windows was warning me that i was infected,ive just now downl.oaded mozilla and hey presto not one pop up,not one system alert no windows warnings etc.

I wonder if it could just have been localised to my browser and that i am not infected just my browser was,any thoughts.?

LOL! Sorry Si I forgot the KLAXON NOISE !!!!!

Have a wade through here if you have some time http://www.moneysavingexpert.com/sho...virus-software

Good Luck and dont forget your ear defenders next time! LOL!

Lex

si, have/had the same thing.
ok on firefox but ie caused probs.

think i got rid of it after about 3 weeks trying.

scrapped all the spyware as couldnt shift it, put new version of nod32 on it it immediatly found a few "missed" trojans.

been ok for last week (fingers crossed)

i have a version which gives 27 years trial, no patching keycodes etc.

if you want i can send you a copy (19 meg-ish)

can break it down or upload to rapidshare no probs

always worth a try if you still have probd