about every half hour I receive a message in a separate window which appears to me to be an advertisement disguised as a security alert. It explains to me that I may have a "critical registry error" and then instructs me to install a registry cleaner from http://fixpcreg.com
Seems obvious to me that this is b.s., but I can't seem to get rid of it with either Spybot or Adaware.
Is this a legitimate warning? If not, how can I remove it from my computer? My spyware removers don't seem to be working on it.
Thanks for your time.
2006-11-30 18:20:26 · 6 answers · asked by Anonymous in Computers & Internet ➔ Security
It is not real and here is the "fix".
Sounds like you may have an older version of Windows (pre XP SP2). These type of popups often exploit the Windows Messenger Service, which after SP2 is disabled by default.
A popup blocker "thingy" will be of no help in this case.
You have 2 choices to end the problem.
1. You can disable and stop Messenger Service by running services msc. on your computer.
2. You can use the free utility called Shoot The Messenger to automatically disable this unnecessary service.
http://www.grc.com/stm/shootthemessenger...
Please note that Windows Messenger Service is not the same as any Instant Messenger program that you may have on your computer. Disabling it will not cause you to lose any IM functionality that you may have.
Good luck.
2006-11-30 18:29:17 · answer #1 · answered by Anonymous · 1⤊ 0⤋
It may be advertisement. Donot open it. Safeguard yourself bu installing a standard antivirus and an anti spyware. I can give a few links that offer free virus and spyware removers...!You may be having a virus or spyware installed on your PC. Norton, AVG , Avast are free antivirus software. Ad-aware, Ewido are free spyware removers. You can download free softwares at
http://fixit.in/antivirus.html and http://fixit.in/spywareremover.html
2006-12-02 15:01:39 · answer #2 · answered by Anonymous · 0⤊ 0⤋
It's an advertisement. Don't click on it.
It might be coming up because of sites you are visiting, but hopefully the right anti-spyware tool will get rid of it. I like Spybot S&D.
A pop-up blocker might do the trick too.
2006-11-30 18:25:29 · answer #3 · answered by drshorty 7 · 0⤊ 1⤋
Try this procedure and the programs listed. Note the setup of the AdAware SE.
This procedure works for all Malware. Use any AntiVirus or AntiSpy program you choose.
Download and Update Ewido (now called the AVG Antispyware). Do not run:
http://www.ewido.net/en/download/...
Download AdAware SE and update. Do the setup. Do not run:
http://www.filehippo.com/download_ad-aware/
AdAware SE Setup:
1. Select "use custom scanning options" then select "customize". Make sure the following options are enabled: "scan within archives," "scan active processes," "scan registry," "deep scan registry," "scan my IE favorites for banned URLs," "scan my Hosts file."
2. Select the "tweak" option. Under "scanning engine," make sure "unload recognized processes and modules during scan" is enabled. Enable "scan registry for all users instead of current users."
3. Under "cleaning engine" turn on "always try to unload modulesâ€Â¦," "during removal unload explorer and IE if necessary," "let windows remove files in use at next restart," and "delete quarantined items after restoring."
4. Use the "select drives and folders to scan" option to ensure that your entire hard drive is scanned (if you have more than one hard drive, scan all of them (of course, do not include floppy and CD/DVD).
TEMPORARILY SHOW HIDDEN FILES AND FOLDERS.
1. Click Start, and then click Control Panel.
2. Click Appearance and Themes, and then click Folder Options.
3. On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.
IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.
EMPTY INTERNET EXPLORER BROWSER CACHE:
1. On the Internet Explorer Tools menu, click Internet Options.
2. On the General tab, in the Temporary Internet Files section, click the Delete Files button. Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK. Click OK again.
RESTART IN SAFE MODE:
To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."
Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.
START THE SCAN WITH YOUR ANTI-VIRUS PROGRAM.
When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode. DON'T FORGET TO RESET HIDDEN FILES AND FOLDERS.
NEW RESTORE POINT.
The RESTORE POINTS may be infected with the Malware and cannot be used.
HERE'S HOW:
1. Click Start, and then click Control Panel.
2. Click Performance and Maintenance, click System, and then click on the System Restore tab.
3. Select the Turn Off System Restore check box, click Apply, then restart your computer.
4. Return to the System Restore Tab and turn System Restore back on.
TO SET A NEW RESTORE POINT:
1. Click the Start button.
2. Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.
3. Choose Create a restore point, and then click Next.
4. In the Restore point description box, type a name for your restore point, and then click Next.
5. Click OK.
NOTE: If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the box. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.
ADDITION INFORMATION ABOUT TROJANS:
There are Trojans that fall into the Smitfraud family. These require the use of a specialized program for removal. Here are two sites that specialize in removing these:
http://www.internetinspiration.co.uk/roguefix.htm
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
2006-11-30 18:29:58 · answer #4 · answered by Anonymous · 1⤊ 1⤋
Get at least three free programs because no one program can detect all spyware. There's a good list here.http://www.basicspywaretips.com/getridofspyware.html
2006-12-01 01:10:40 · answer #5 · answered by Tyler 4 · 0⤊ 0⤋
Adding to waht already said, I call it extortion attempt. First they infect you than they try to make you buy their „removal” tool – try instruction from this page (you can ignore warning), online scanning and eventually posting on forum from first link:
http://forum.tweakxp.com/forum/Topic4303-29-1.aspx
As always pray its not rootkit:
http://www.microsoft.com/technet/sysinternals/Utilities/RootkitRevealer.mspx (Syinternals - recently bought by Microsoft)
http://www.f-secure.com/blacklight/
Online free scanners, free softwares and removal tools:
http://www.kaspersky.com/virusscanner
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym
http://vil.nai.com/vil/stinger/
http://www.pandasoftware.com/products/activescan
http://www.trendmicro.com/spyware-scan/
http://www.emsisoft.com/en/software/ax/
PS.
Strongly concurring with answer advising using GRC's "Shoot the Messenger".
2006-11-30 18:31:09 · answer #6 · answered by Lisa M 5 · 1⤊ 0⤋