Big Fat Red Screen - Windows Security Alert

Discussion in 'Malware Help (A Specialist Will Reply)' started by luciano991, Aug 29, 2007.

  1. luciano991

    luciano991 Private E-2

    I've got Windows Security Alerts and a big fat red screen background that renders my desktop unusable because it's a giant link to trouble. I have followed your instructions and the fat red screen is gone and my desktop is partially back but my pest patrol alert comes up and it's blocking something. So I'm still infected and i'm posting my logs as requested. Thanks in advance for your assistance. I checked the other posts but they seemed to be specific to someone else's particular brand of misery.

    All the best,

    Luciano
     

    Attached Files:

  2. luciano991

    luciano991 Private E-2

    Here are the remaining logs

    Luciano
     

    Attached Files:

  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You forgot to attach the other required logs (GetRunKey, ShowNew and CounterSpy) however before attaching them, do the below:

    Uninstall any Viewpoint software (like Viewpoint Manager) as requested in step 0 of the READ ME.

    Then continue on with the below.


    I'm going to post two sets of instructions below. Each will be enclosed in separate Quote boxes. Make sure to complete the first one 100% before moving on to the second one.

    ATTACH THE FIRST LOG NOW BEFORE CONTINUING OR YOU WILL OVERWRITE IT!!!! And then immediately continue on to the below steps.


    Now attach new logs from:
    • GetRunKey
    • ShowNew
    • HJT
    Also don't forget to attach the log from CounterSpy if you have it.

    How are things working now?
     
  4. luciano991

    luciano991 Private E-2

    Hi,

    First, I'm sorry I didn't indicate that the other logs were posted in a second post. Secondly, I don't seem to be able to access a log from CounterSpy in Safe Mode so I will try when I reboot into real mode. Here is the first of two Smitfraud logs. I will post the second Smitfraud log and the GetRunKey and ShowNew logs in a second post. I will include the CounterSpy log and HJT in a third post. Sorry for all the posts but I seem to be restricted to three attachments per post.

    Thanks,

    Mark
     
  5. luciano991

    luciano991 Private E-2

    Hi,

    Here is the second Smitfraud log and GetRunKey and ShowNew.

    Things working much better now. More to come.

    Mark
     

    Attached Files:

  6. luciano991

    luciano991 Private E-2

    Hi,

    Here are the last two logs.

    Mark
     

    Attached Files:

  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay that looks better. Just a couple other things to do and then on to my final instructions.

    Uninstall the Sunbelt CounterSpy trial since we are finished with it now! Then delete the below folders which may be left behind by the uninstall:
    C:\Documents and Settings\Chip\Application Data\Sunbelt Software
    C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    C:\Program Files\Sunbelt Software


    Also I recommend that you run this Disable/Remove Windows Messenger to remove Windows Messenger which can be a frequent source of popups. Don't confuse Windows Messenger with MSN Messenger. They are not the same thing.


    If you are not having any other malware problems, it is time to do our final steps:
    1. If we used Pocket Killbox during your cleanup, do the below
      • Run Pocket Killbox and select File, Cleanup, Delete All Backups
    2. If we used ComboFix, you can delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, C:\WINDOWS\nircmd.exe, and the C:\combofix.txt log that was created.
    3. If we used SDFix you can delete all the SDFix related files and folders from your Desktop or wherever you installed it.
    4. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
    5. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
    6. If we had you run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
    7. If we had you run Avenger, you can delete all files related to Avenger now.
    8. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    9. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created.
    10. If you are running Windows XP or Windows ME, do the below:
      • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    11. After doing the above, you should work thru the below link:
     
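The final steps above are a manual checklist. The script below is an added example, not part of chaslang's instructions or any of the tools named in the thread: it turns the checklist into a dry-run-capable PowerShell cleanup that reports which leftover tool files and folders are actually present, removes them only when you confirm, and then flushes System Restore so that no restore point still carries the infection. It assumes a Windows PowerShell 5.1 session run as Administrator (the XP-era machine in the thread would not have had PowerShell), that the fix tools were downloaded to and run from the Desktop, and it derives the profile-specific paths (the `C:\Documents and Settings\Chip\...` and `All Users` Sunbelt folders) from environment variables instead of hard-coding that profile. Because the thread names only the tools, not every file they unpack, the Desktop entries are matched by name prefix; that matching is an assumption, so review the dry-run output before removing anything.

```powershell
# Added example (not chaslang's text): scripted version of the "final steps" cleanup.
# Assumes Windows PowerShell 5.1 as Administrator and that the fix tools sit on the Desktop.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [string]$SystemDrive = $env:SystemDrive,   # e.g. C:
    [switch]$FlushRestorePoints               # step 10: disable/enable System Restore
)

$desktop = [Environment]::GetFolderPath('Desktop')

# Exact paths quoted in the thread (ComboFix, SmitFraudFix, VundoFix, FixWareOut, GetRunKey/ShowNew
# logs, and the CounterSpy folders the uninstall may leave behind). Profile-dependent paths come
# from the environment rather than the "Chip" profile in the original post.
$exactPaths = @(
    "$SystemDrive\ComboFix", "$SystemDrive\QooBox", "$env:windir\nircmd.exe", "$SystemDrive\combofix.txt",
    "$SystemDrive\rapport.txt",
    "$SystemDrive\VundoFix Backups", "$SystemDrive\vundofix.txt",
    "$SystemDrive\fixwareout",
    "$SystemDrive\newfiles.txt", "$SystemDrive\runkeys.txt",
    "$env:APPDATA\Sunbelt Software", "$env:ProgramData\Sunbelt Software", "$env:ProgramFiles\Sunbelt Software"
)

# Tools whose files the thread refers to collectively ("all files related to ..."). The exact
# unpacked file names are not given there, so this matches Desktop entries by prefix (assumption).
# Pocket Killbox (step 1) is deliberately not listed: its backups are removed from inside the tool.
$desktopPrefixes = 'ComboFix', 'SDFix', 'SmitfraudFix', 'VundoFix', 'Fixwareout',
                   'avenger', 'fixme', 'fixWLK', 'ShowNew', 'GetRunKey'

function Get-CleanupResidue {
    # Returns the file/folder items that still exist, so the user can see them before deletion.
    $items = @()
    foreach ($p in $exactPaths) {
        if (Test-Path -LiteralPath $p) { $items += Get-Item -LiteralPath $p -Force }
    }
    foreach ($prefix in $desktopPrefixes) {
        $items += @(Get-ChildItem -LiteralPath $desktop -Filter "$prefix*" -Force -ErrorAction SilentlyContinue)
    }
    $items | Sort-Object FullName -Unique
}

$residue = @(Get-CleanupResidue)
if ($residue.Count -eq 0) {
    Write-Host 'No cleanup-tool residue found.'
} else {
    Write-Host ("Found {0} leftover item(s):" -f $residue.Count)
    $residue | ForEach-Object { Write-Host "  $($_.FullName)" }
}

# ShouldProcess honours -WhatIf (report only) and -Confirm (ask per item).
foreach ($item in $residue) {
    if ($PSCmdlet.ShouldProcess($item.FullName, 'Remove leftover cleanup-tool file/folder')) {
        Remove-Item -LiteralPath $item.FullName -Recurse -Force
    }
}

if ($FlushRestorePoints) {
    $drive = "$SystemDrive\"
    if ($PSCmdlet.ShouldProcess($drive, 'Disable System Restore (discards every existing restore point), re-enable it, and create a clean restore point')) {
        # Disabling System Restore deletes the stored restore points, including any that captured
        # the infection; re-enabling and checkpointing gives a known-clean baseline (step 10).
        Disable-ComputerRestore -Drive $drive
        Enable-ComputerRestore  -Drive $drive
        Checkpoint-Computer -Description 'Clean after malware removal' -RestorePointType 'MODIFY_SETTINGS'
    }
}
```

Run it first as `.\Cleanup-Residue.ps1 -FlushRestorePoints -WhatIf` to see what would be removed, then without `-WhatIf` to do it. Two caveats: the restore-point flush is destructive by design (every earlier restore point goes away, which is the point of the step, but make sure you no longer need any of them), and on Windows 8 and later `Checkpoint-Computer` will create at most one restore point per 24 hours by default, so the final checkpoint may be skipped if one was created recently.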
  8. luciano991

    luciano991 Private E-2

    Much belatedly I am writing to thank you for your help with this problem. Everything is working great now. FYI, I eventually had to go to each profile as some profiles were not completely clean. I ran the Smitfraud cleaner on each profile and that was it. Man, that is some incredible removal tool.

    All the best,

    Luciano
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely.

    If you like it, you can show your appreciation to the creator by making a purely voluntary donation at:

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php#donation
     
