after arriving home from work this evening, my daughter complained that her computer was running slow, and an odd popup balloon in the notification area (xp pro 32 bit) kept announcing that her system was at risk, and she should scan windows, and to press the notification balloon to do this. it was a link to a"virus-buster" ad page, and after deleting temp and other flotsam and jetsam files, checking add/remove for suspicious entries, the registry, and search/find target, and running spybot and adaware along with her up to date av app, in safe mode to boot...no success...the taskbar notification kept "notifying". spybot had indicated that a bug called "pest trap" had been detected and removed. i googled, and to my surprise discovered that this is a somewhat insidious malware that directs you to a page which claims that you are infected, and you must purchase "virus-buster" software to rid your system of detected problems (false positives. this is evil adware, check out the info on the wikipedia regarding this)...
well, spybot failed (and even thwarted a genuine attempt at bug removal!),
but the red circled text (wish they would have made this an active link), once googled, led
me to the "fix":
http://siri.geekstog...mitfraudFix.php
the bug is a variant of Smitfraud, it would seem, and a variant which spybot nor adaware
have definitions for atm (this would explain why spybot could not remove the pest,
yet had been able to in the recent past).
after following the instructions in the downloaded rar, i rebooted my daughters' system to
a desktop free of "pest trap", and any other recent Smitfraud incarnations.
here is the app, a great "fix" when others may fail:
SmitfraudFix.zip 596.55K
211 downloads
cheers
0
