ok i was searching for something and hit a bad link i have a campt wizard program and it keeps tell me that i have viruse and spyware/trojan i need ur help please i have ad-aware i have spy-bot i have avg and kerio the windows system alert: trojan-spy.win32@mx windows 95/95/me/nt/2003/windows xp spyware program thats sends confidential information to a remote attacker and then tells me to click the baloon to download official security software...but my mom/karen wagner:cool: told me to ask you first thanks

Jess

You most likely have Smitfraud.

Please download SmitfraudFix (http://siri.urz.free.fr/Fix/SmitfraudFix.zip) (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm (http://www.beyondlogic.org/consulting/processutil/processutil.htm)]

Also, download a copy of Hijackthis (http://www.subratam.org/main/index.php?option=com_content&task=view&id=19&Itemid=41)and unzip into a permanent folder.

Click on the icon and choose the option to scan and create a file.

Post the contents of the log here along with the results of the Smitfraud scan.

Be advised that this computer is a laptop. I don't know if that matters or not but thought you should know.

This is the LT, I was asking about how to switch from Vista to XP. It runs XP Pro. I had a professional uninstall Vista and install XP PRO.

Thanks!!

Hi kwagner_51..:)

Laptop makes no difference to HJT or the Smitfraud tool.
Go ahead and follow the instructions posted by ClassicSoftware, post the logs and he will advise you on his return.. (save you a bit of time)..;)

Fred..

ok when i double clikck on the smitraudfix it has a "open" or cancel button and it says doesnt have a reconnized publisher wat does that mean?

Try the open Button and see what happens...

it says joedanger is NOT involved with smitfraudfix in any way!
this tool was created by S!Ri, and is available for FREE.
voluntary donations will be accepted by S!Ri, at his main website only. anyone, other than the creator, trying to make a profit or solicit money from its use would be involved in fraudulent activity

press a key to continue

Did you extract the program onto your desktop?