virus?

null · Jul 3, 2004

Everytime I click on the icon to open IE it opens up with a dark blue page
with the following in white writing

Detected SPYware! System error #384
__________________________________________________________________________

Your IP address is 62.254.0.36. Using this address a remote computer has
gained anaccess to your computer and probably is collecting the information
about the sites you've visited and the files contained in the folder
Temporary Internet Files. Attention! Ask for help or install the software
for deleting secret information about the sites you visited.
__________________________________________________________________________
Your computer is full of evidences!

ISP of transmission:NTLI
Your IP address:62.254.0.36
They know you're using:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Your computer is:Windows XP
Risk status for further investigation:VERY HIGH RISK

To protect from the Spyware - click here
To prevent information transmission - click here
To delete the history of your activity, click here

The above three lines are links to
http://www.e-shredder.com/enter.phtml?wm=kamid

The URL showing is C:\WINDOWS\secure.html. I keep deleting the HTML file
called secure.html in the windows folder but everytime I open IE the same
blue page appears and the secure.html file reappears in my windows folder

Everytime I close the window a full page window pops up advertising porn and
I get a red alert from NAV saying Bloodhound.Exploit.10 has been detected in
my local settings and that NAV is unable to repair it

But when I do a full NAV system scan it says there are no viruses on my
computer. What else can be causing this?

Have you read this?:

http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.exploit.10.html

I suggest that you submit the file to Symantec as they suggest. The
"bloodhound" part means a heuristic (or general) detection without the
ability to pinpoint a specific malware.

Meanwhile, you might try renaming your hosts file to hosts.old. And
you haven't mentioned running AdAware and Spybot scanners. See my web
site for links.

Also, you can upload the suspect file for av scanning here:

http://www.kaspersky.com/remoteviruschk.html

See what KAV has to say about it. Maybe you can get a specific malware
name and then with some luck there might be a description available
which would give you enough info to remove the malware.

Keep us posted.

Art
http://www.epix.net/~artnpeg

Purple · Jul 3, 2004

Everytime I click on the icon to open IE it opens up with a dark blue page
with the following in white writing

Detected SPYware! System error #384
__________________________________________________________________________

Your IP address is 62.254.0.36. Using this address a remote computer has
gained anaccess to your computer and probably is collecting the information
about the sites you've visited and the files contained in the folder
Temporary Internet Files. Attention! Ask for help or install the software
for deleting secret information about the sites you visited.
__________________________________________________________________________
Your computer is full of evidences!

ISP of transmission:NTLI
Your IP address:62.254.0.36
They know you're using:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Your computer is:Windows XP
Risk status for further investigation:VERY HIGH RISK

To protect from the Spyware - click here
To prevent information transmission - click here
To delete the history of your activity, click here

The above three lines are links to
http://www.e-shredder.com/enter.phtml?wm=kamid

The URL showing is C:\WINDOWS\secure.html. I keep deleting the HTML file
called secure.html in the windows folder but everytime I open IE the same
blue page appears and the secure.html file reappears in my windows folder

Everytime I close the window a full page window pops up advertising porn and
I get a red alert from NAV saying Bloodhound.Exploit.10 has been detected in
my local settings and that NAV is unable to repair it

But when I do a full NAV system scan it says there are no viruses on my
computer. What else can be causing this?

Thanks in advance

Fran

Kevin · Jul 4, 2004

I don't know if this helps or not, but I use Lavasoft's Adaware Pro, Avast! to
stop ADWARE automatic installs. It sounds like you got hit with one of those
automatic installed ADWARE crap on a website visit. I also recently installed
Hostess to edit my HOST file on XP. Since I started blocking websites on my
computer, I don't get anymore Browser Hijacks, Trojans, SPYWARE/ADWARE crap,
and damn few cookies (if any).

The Prophecy · Jul 4, 2004

Purple said:
Everytime I click on the icon to open IE it opens up with a dark blue
page with the following in white writing

Detected SPYware! System error #384

<snip>

Use all of these for your spyware troubles.

--
Download, update and use the following:

Spybot Search & Destroy
http://www.safer-networking.org/

Ad-Aware
http://www.lavasoftusa.com/

Spyware Blaster
http://www.wilderssecurity.net/spywareblaster.html
http://www.javacoolsoftware.com/spywareblaster.html
http://www.net-integration.net/tools/spywareblaster.html

CWShredder (CoolWebSearch remover)
http://www.spywareinfo.com/~merijn/files/cwshredder.zip

Spy Sweeper
http://www.webroot.com

Fred Garvin · Jul 5, 2004

<snip>

Use all of these for your spyware troubles.

I'm so damn glad I switched to Linux....

null · Jul 5, 2004

I'm so damn glad I switched to Linux....

Seems like a overreaction to me. I have no problems with the Win 9X/ME
series of OS at all.

Art
http://www.epix.net/~artnpeg

virus?

null

Purple

Kevin

The Prophecy

Fred Garvin

null