Post by thinker on Nov 25, 2006 0:20:50 GMT -5
Do you have a pop-up window that says: You have 55 critical system errors, go to this URL to fix it, etc.?
If you click on the pop-up to close it, it continues to open, each time telling you to go to a different URL to fix the problem.
First, know that if Windows has a problem and alerts you, it will ONLY give you a URL to Microsoft itself. It will not tell you to go to some hokey dot com names, so you should recognize something's wrong immediately.
This pop-up is an evil new spam scam that works live - IT IS A TROJAN and IT MUST GO. It appears that it can and does track you like a dog, too.
When searching online for fixes, I mostly found the advice to disable the Messenger Services in Windows.
That is wrong. It is like taking Prosac for Morgellons. Wrong diagnosis, wrong treatment.
I even saw some guy who claims to have 30 years experience stating this pop-up event is "nothing," and to just turn off Msgr Svcs so you don't see the pop-up anymore.
If you disable the Msgr Svcs, you will indeed stop the pop-up win, but you will not stop the underlying problems, which are considerable.
To-date, I have not heard of (nor found) any anti-vi or spyware program that finds and fixes this problem. It is a hideous one that has folks stumped.
If you have this problem, it will take some Registry editing to fix it. If you are unfamiliar with the Registry, it is best you ask someone who is familiar with it to work on it. The Registry is like the spine to the computer body...sometimes tricky and can affect everything.
Also, know that you may have icons disappear from your desktop if you start removing these Registry keys, but I found no instance of actual programs being removed or corrupted - you just may have to set up some desktop icons again.
Chances are, when you search your Registry for the words, "Kasper, Skylab, LZIO, SmitFraud," as some examples, you will find some amazing things have been placed on your PC.
Folks, this is really heinous advertising. The PC I was attempting to repair had probably 1500 keys added to the Registry, for things like zex (I misspelled on purpose - our censor would probably change the real word to "thingy") and gambling and a lot more.
These villains are normally set up in Internet Explorer and listed under a main key name of Zone Maps. You can search for Zone Maps, too, in the Registry.
If you have these Registry keys, When you connect to the internet, your PC is remotely attached to and tracked. I am certain of this - I watched and tracked the IP as it hit the PC each time a pop-up occurred. It is being done remotely in conjunction with info placed in your Registry.
It is possible the new spam scam was set up alongside a new downloaded program or was piped through covertly, either by modem or DSL - wireless - on a protected PC.
There are also some remote services in Windows that can be changed to "Manual, Stopped." To find those services, Click My Computer - Control Panel - Admin Tools - Services - then arrow
down to the "Remote Access Auto Connection Manager" and to "Remote Registry Manipulation."
By setting those two services to Manual, Stopped, it should prevent more skullduggery.
Once ridding the PC, keep an eye on your Registry, especially if the PC begins to slow or grind or click a lot. It is usually the first symptom of invaders that have bypassed all of your protective devices.
Always ask experts when messing around with Windows. And always have your important info backed up. Actually, if your PC is online, you shouldn't have important info on that PC, but maybe it's not a perfect world.
There are plenty of folks smarter than I, and if you discover nything incorrect about the above, please let me know immediately and I will alter this post.
WHOMEVER HAS THE MOST INFORMATION IS KING. Remember that. It is big biz and everyone wants to know everything about you. Hang onto your privacy like it's the last precious thing you have - it likely is.
PM me if you have questions and I'll try to help.
If you click on the pop-up to close it, it continues to open, each time telling you to go to a different URL to fix the problem.
First, know that if Windows has a problem and alerts you, it will ONLY give you a URL to Microsoft itself. It will not tell you to go to some hokey dot com names, so you should recognize something's wrong immediately.
This pop-up is an evil new spam scam that works live - IT IS A TROJAN and IT MUST GO. It appears that it can and does track you like a dog, too.
When searching online for fixes, I mostly found the advice to disable the Messenger Services in Windows.
That is wrong. It is like taking Prosac for Morgellons. Wrong diagnosis, wrong treatment.
I even saw some guy who claims to have 30 years experience stating this pop-up event is "nothing," and to just turn off Msgr Svcs so you don't see the pop-up anymore.
If you disable the Msgr Svcs, you will indeed stop the pop-up win, but you will not stop the underlying problems, which are considerable.
To-date, I have not heard of (nor found) any anti-vi or spyware program that finds and fixes this problem. It is a hideous one that has folks stumped.
If you have this problem, it will take some Registry editing to fix it. If you are unfamiliar with the Registry, it is best you ask someone who is familiar with it to work on it. The Registry is like the spine to the computer body...sometimes tricky and can affect everything.
Also, know that you may have icons disappear from your desktop if you start removing these Registry keys, but I found no instance of actual programs being removed or corrupted - you just may have to set up some desktop icons again.
Chances are, when you search your Registry for the words, "Kasper, Skylab, LZIO, SmitFraud," as some examples, you will find some amazing things have been placed on your PC.
Folks, this is really heinous advertising. The PC I was attempting to repair had probably 1500 keys added to the Registry, for things like zex (I misspelled on purpose - our censor would probably change the real word to "thingy") and gambling and a lot more.
These villains are normally set up in Internet Explorer and listed under a main key name of Zone Maps. You can search for Zone Maps, too, in the Registry.
If you have these Registry keys, When you connect to the internet, your PC is remotely attached to and tracked. I am certain of this - I watched and tracked the IP as it hit the PC each time a pop-up occurred. It is being done remotely in conjunction with info placed in your Registry.
It is possible the new spam scam was set up alongside a new downloaded program or was piped through covertly, either by modem or DSL - wireless - on a protected PC.
There are also some remote services in Windows that can be changed to "Manual, Stopped." To find those services, Click My Computer - Control Panel - Admin Tools - Services - then arrow
down to the "Remote Access Auto Connection Manager" and to "Remote Registry Manipulation."
By setting those two services to Manual, Stopped, it should prevent more skullduggery.
Once ridding the PC, keep an eye on your Registry, especially if the PC begins to slow or grind or click a lot. It is usually the first symptom of invaders that have bypassed all of your protective devices.
Always ask experts when messing around with Windows. And always have your important info backed up. Actually, if your PC is online, you shouldn't have important info on that PC, but maybe it's not a perfect world.
There are plenty of folks smarter than I, and if you discover nything incorrect about the above, please let me know immediately and I will alter this post.
WHOMEVER HAS THE MOST INFORMATION IS KING. Remember that. It is big biz and everyone wants to know everything about you. Hang onto your privacy like it's the last precious thing you have - it likely is.
PM me if you have questions and I'll try to help.