Smitfraud-C

Posted: Sat Sep 20, 2008 7:53 pm
by A-1 (imported)
READ HERE! (http://forums.majorgeeks.com/showthread.php?t=152146)

If you get a change in your desktop wallpaper that is a warning to you (supposedly from Microsoft) to use an antivirus and a malware elimination program that have mysteriously appeared on your desktop, STOP!

Do not do it. If you do you will not get rid of it, but only make it worse...

This is possibly the nastiest Trojan-Virus-Malware infection on the world wide web today. Spybot won't touch it. It messes up your computer's Registry. It even disables TASK MANAGER so that you cannot shut down its execution files.

So, let us start a discussion. So far I have not been able to completely clean my computer of this and so I am sending this warning on my wife's computer.

I may have to get a new one because of this mess.

🙋🙋🙋🙋🙋

Re: Smitfraud-C

Posted: Sat Sep 20, 2008 9:14 pm
by radar69 (imported)
Try with this,

http://www.bleepingcomputer.com/forums/topic131299.html

http://www.bleepingcomputer.com/files/sdfix.php

Sdfix works well to eradicate the latest virtumondo (smitfraud) versions.

I have used it many times with success for about 2 months.

Regards

Radar69

Re: Smitfraud-C

Posted: Sun Sep 21, 2008 9:45 pm
by A-1 (imported)
radar69 (imported) wrote: Sat Sep 20, 2008 9:14 pm Try with this,

http://www.bleepingcomputer.com/forums/topic131299.html

http://www.bleepingcomputer.com/files/sdfix.php

Sdfix works well to eradicate the latest virtumondo (smitfraud) versions.

I have used it many times with success for about 2 months.

Regards

Radar69

Thanks, radar69.

I ended up downloading Softspy SE -- XoftSpySE -- and it came with a free version of RegCure.

Then it took Google searches to get the instructions on how to get Windows Picture and Fax Viewer repaired.

It was repaired pretty simply like this...

If you want to reinstall the Windows Picture and Fax Viewer software, do the following.

Click on Start, Run... and type in:

regsvr32 /u %windir%\system32\shimgvw.dll

Once that process has finished do the following

Click on Start, Run... and type in:

regsvr32 /i %windir%\system32\shimgvw.dll

This should reinstall Picture and Fax viewer.

I found it here... (http://answers.google.com/answers/threadview?id=765584)

After the Windows picture and fax viewer works you can get that damned virus-generated nasty-looking wallpaper down.

Then you have to go back in and set the folder preferences in the Control Panel in windows and things get back to normal, FINALLY...

So if anybody has the misfortune of this happening to them at least you know one method to fix it. It costs some money but keeping these programs working is worth it, I think...

Of course, if you can use radar's suggestion for free, the Windows Picture and Fax Viewer fix is here for you for free and the folder preferences are not too hard to do, either.

If this happens to you, good luck and remember, patience is the key to the fix...

...and...

Thanks, radar69...

Re: Smitfraud-C

Posted: Mon Sep 22, 2008 11:20 pm
by IbPervert (imported)
As far as I am concerned the only way to positively get rid of a nasty virus or spy ware is to...

- go buy a new hard drive (currently frys.com (http://shop2.frys.com/product/5478279?s ... IN_RSLT_PG) has a great deal on a One TB Seagate drive on sale)

- go home and physically disconnect your old drive then hook up the new drive, and reinstall all your programs.

- install any and all updates for your OS then install your security software (currently Norton just released the new Norton Internet Security 2009 (http://www.frys.com/product/5723572) and it can be bought at Frys.com for an after-rebate price of $4.99 if you're upgrading)

- once all the security updates are in place you can turn off your computer and reconnect your old drive. Then start the computer and have your security app scan everything on the old drive; this should get rid of it.

- then you can go through and cherry pick through your old drive to save data and such.

- NOTE: If you are using the new SATA drives you need to make sure that your BIOS is set to use the new drive as the drive to start from and not the old drive. If you're using the older IDE drives just make the old drive the slave.

Before attempting the above make sure you understand the above steps!!!! Which email program do you use? If Outlook Express, it is possible to retrieve all your email files, and I can tell you how to do it. I am sure it is possible with others but I do not know them.

One other thing... before disconnecting the old drive, back up your address book and email settings. In most cases this just exports the info to a folder of your choice and then you can import them later. Make a note of any favorite things you might have installed so you can find them and reinstall, but make note that something you downloaded and installed is the most likely cause of your current problem.

Always be careful when downloading and installing anything, and only install things from sites you trust! And then even be a bit paranoid and scan the item before installing using your antivirus, and then if you're really paranoid use one or more online free antivirus scanners to check them out! Remember when it comes to computer security you can never be too paranoid, and make sure that anyone else that uses your computer understands this as well!!!!

Be aware of drive-by downloading! Sometimes you can be sent to a site that will warn you that you need to install this, that or the other thing. NEVER DO IT! If you need to install something like Flash you will be sent to the proper place on the Adobe site, but even then take a moment to check the URL and make sure it's adobe.com and not something like abobe.com.

I have been on the net and computers my whole life, and I was infected one time by a virus, and that was all it took for me to become paranoid about my computer's security.

My computer is more secure than my house! 😄
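
The URL check described in the post above (adobe.com versus abobe.com), as an added example that is not part of the original thread: a small Python classifier that flags download hosts one or two edits away from a trusted vendor name, or that use the trusted name as a subdomain prefix of another domain. The allowlist, function names and sample URLs are constructed for illustration, and treating the last two labels as the registrable domain is a simplifying assumption.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example; list the vendors you actually install from.
TRUSTED = {"adobe.com", "microsoft.com"}

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'trusted', 'lookalike:<domain>' or 'unknown' for a download URL."""
    # urlsplit().hostname drops any "user@" part, so adobe.com@abobe.com is
    # judged by the host that is really contacted.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    # Assumption: registrable domain = last two labels (no public-suffix list).
    domain = ".".join(host.split(".")[-2:])
    if domain in TRUSTED:
        return "trusted"
    for good in sorted(TRUSTED):
        # One or two character edits away from a trusted name, e.g. abobe.com.
        if 0 < edit_distance(domain, good) <= 2:
            return "lookalike:" + good
        # Trusted name appearing only as leading labels of some other domain.
        if host.startswith(good + ".") or "." + good + "." in host:
            return "lookalike:" + good
    return "unknown"

# Constructed sample URLs.
SAMPLES = [
    "http://www.adobe.com/go/getflash",
    "http://abobe.com/flash",
    "http://adobe.com.update.example/flash.exe",
    "http://adobe.com@abobe.com/",
    "http://example.org/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{classify(u):22} {u}")
```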

Re: Smitfraud-C

Posted: Tue Sep 23, 2008 5:17 am
by Paolo
One thing to remember is that a lot of this crapware can infect removable media as well, if that media gets plugged into the PC before you know the crapware is there. You pull the media out, put it in another PC, or back in the old one when it's fixed, and you're infected again.

We had a customer bring in a media card that was infected with the Klez worm about 2 years ago, and while the main computer had an AV program running on it, the thing managed to jump off the card and across the network and infect the Noritsu printer, which has a 1-way connection set up via their own co-OS. Don't ask me, it's a trade secret how they do it... I've been trying to break into Noritsu for years and can't do it.

Took me 2 days to chase that sucker down and get rid of it!

Problem is, any of the AV softwares out there attack the Noritsu OS because it is essentially a huge virus in itself...

Re: Smitfraud-C

Posted: Tue Sep 23, 2008 6:59 am
by IbPervert (imported)
One time I was helping a client hook up a bunch of new equipment, but never made it past his new digital camera (many years ago now). I got the camera hooked up and working, and we viewed the pictures. I had to restart the machine because the next device's software had just finished installing (always restart your computer after each installation). When the computer started back up we went back to the camera to show him how to get the photos off the camera and onto the hard drive, but the photos had been corrupted. I copied one photo onto a floppy disk (yeah, that's how long ago it was). He had to get going and so did I. That night I scanned the floppy with Norton AntiVirus and it found one (this one went after jpgs, gifs and such). Went back over to his house for the next appointment, and did a search for all jpgs. Every jpg on the computer was corrupted, and I assumed by the same virus. I told him that cleaning the computer should take priority and he needed to get an antivirus. I also told him that I had found several programs that might be able to fix all of his pictures but it costs about $40. He was not interested. After that appointment I went home, and he was never again available and I think he blamed me for the virus.

Because of the above, whenever I get on anyone's computer I check to make sure that the latest security updates are installed, and that the antivirus has the latest updates. I have found over the years that many people never bother to update their computers at all, and I give them a lecture about staying updated. I am grateful that software senders force people to update their software these days.

Computer security is only as good as the people who use the machine. I have found that kids are a primary reason for crap getting on computers...especially these days.

In this day and age the viruses do not delete things or corrupt things like they used to, but they do turn your computers into zombies doing the bidding of their new syndicate crime masters. Assume that every piece of software has malware and crapware until you know otherwise. Once a week my computer does a complete scan of every file on the computer (I leave the computer on all night when it does the scan). Then at least once a month I use one of the online free virus scans (http://www.google.com/search?source=ig& ... gle+Search) to scan the computer (again leaving it on all night). Then every once in a while I scan with Adaware (http://www.lavasoft.com/single/trialpay.php); it's a free program but you have to manually tell it to scan.

I would rather let the computer do the scanning when I am asleep, so I do not have to put up with it when I am using it.

Note - If your computer is infected then you must turn it off when you are not directly using it! Or at least take it offline when you do not need the web.

It is possible to clean the computer without reformatting and reinstalling everything but IMO you can never be sure that it is clean.

Until you do get it clean do not do any online banking or checking financial accounts because they could be able to steal your passwords and account info, and then your balls belong to them (If you have any 😄). If you have, go to a clean computer and change the passwords immediately.

Be paranoid and assume the worst that can happen, and then be surprised when it was not that bad after all. 💡😄

Re: Smitfraud-C

Posted: Tue Sep 23, 2008 7:07 am
by IbPervert (imported)
Safe Sex and Safe computing follow the same rules!

Always assume the other person/computer is infected until you know better, and never believe a site when they say "You may be infected!"