An aggressive virus?


Loose rivets
22nd Dec 2009, 05:49
Just had a centre screen pop up that informed me that I had a virus and that I should press a button to start to remove it. All attempts to shut it down only introduced more screens telling me I should do this and that. None of the names were familiar to me except for

http//intelscanh1.com says Antivirscan Shall do ......


I forced a shut down after finding that I couldn't stop these things by any other means.

Restart hasn't shown any more stuff and am running Avast. One waits with bated breath.

Tarq57
22nd Dec 2009, 06:16
This is more common than you'd imagine, and since it's a million dollar+ business, obviously takes some users in.
It's a rogue antivirus application. There are several (or several dozen) new variants of these released every day, often using seriously difficult-to-remove means to install/run, including trojans and rootkits.

That address you've posted is blocked from loading on my computer. (Thank you, hosts file.)
Wouldn't hurt to do a bit of scanning.
Try MBAM (http://www.malwarebytes.org/mbam.php) (a very good demand scanner). Install the free version, update it, run a quick scan. Have it remove anything found. If prompted to reboot to complete removal, please do so promptly.
Go to Secunia.com (http://www.secunia.org) and look at the area for "software inspectors". You have two choices, an online scan (OSI) that will require installing an ActiveX control (safe), or downloading the PSI and running it.
The PSI is more comprehensive; running the OSI will give you an excellent idea of what is out of date or vulnerable on your computer.
My guess is Java, Adobe, or a Flash player.
A scan with Avast would be a good idea too, especially if it blocked something from loading at the time you had the warnings.

Loose rivets
22nd Dec 2009, 08:01
Thanks for that. I've run Avast and it found nothing. I'm up due to :mad: insomnia and having a last look round. Nothing reared its ugly head yet.

BOAC
22nd Dec 2009, 08:16
Did the invitation also invite you to part with money? It sounds like a SmitFraudFix (http://go.techimo.com/?id=769X53352&url=http%3A%2F%2Fsiri.geekstogo.com%2FSmitfraudFix.php) infection.

I have cleared 3 from friends' machines and it is best done in safe mode to start. If that is what it is, it will be a nuisance rather than a disaster. A Google with smitfraud will show you are not alone.

Loose rivets
22nd Dec 2009, 08:27
As the next screens kept popping up I was so intent on shutting down, I didn't see the details...just that I didn't recognize anything except the word intel.

I'll have a look tomorrow, when the sleeper's worn off.

Tarq57
22nd Dec 2009, 09:04
Should these sorts of screens or pop-ups occur again, try Alt+F4 to close them. (May not work.)
Try looking in Task Manager to see what's running. This will need a little familiarity with what normally runs in Task Manager, and you may find it's been disabled.

It does sound a bit like you may have dodged it, though, if it hasn't recurred. Fingers X'd.

I would definitely run a scan with MBAM. The fact that there were no Avast warnings suggests it is a new or new-ish variant that is not in the Avast database, yet. (There are literally thousands of these things circulating.)

And you definitely should perform that Secunia check (or something similar) because out of date and vulnerable software is probably the number one way (closely tied with user click-happiness) to get these things.

Also consider a two way firewall control of some sort. This will alert you if something unknown attempts to connect outbound. (Such as a trojan attempting to download its dirty cargo.)

Saab Dastard
22nd Dec 2009, 10:47
Without question, the single most effective thing you can do to protect your PC when online is NOT TO RUN WITH AN ADMINISTRATOR OR POWER USER ACCOUNT.

That way, nothing gets to install.

SD

ab33t
22nd Dec 2009, 12:20
Yep, and do not press any buttons on software you have not installed yourself.

Mac the Knife
23rd Dec 2009, 18:15
Sudo for Windows | Get Sudo for Windows at SourceForge.net (http://sourceforge.net/projects/sudowin/)

"Sudo for Windows (sudowin) allows authorized users to launch processes with elevated privileges using their own passphrase. Unlike the runas command, Sudo for Windows preserves the user's profile and ownership of created objects."

And that, folks, is the answer to Windows security.

:ok:

Mac

SimWes
28th Dec 2009, 11:28
Saab Dastard
Without question, the single most effective thing you can do to protect your PC when online is NOT TO RUN WITH AN ADMINISTRATOR OR POWER USER ACCOUNT.

My other half has just started to venture out onto the internet on her new Laptop, so I'm not really worried about anything happening to that one. Nothing of any value is on there should it crash...

Problem is that I would like to create an account that she can use on my Laptop but without any admin privileges.

I've been able to generate a Guest login, but I want to have all the current programs that are used by myself (as the administrator) on my login also available (saves me from having to log off from hers should I need to check something quickly).

Thanks in advance

Saab Dastard
28th Dec 2009, 15:34
Don't create a Guest account - create a proper named user account. Make sure it isn't in the Administrator or Power user groups.

You don't mention what OS - with XP, programs that have been installed by an administrator or equivalent are available for all users, with a couple of caveats.

You will probably have to find the shortcut(s) to launch the program and make it available to All Users or copy to the new account, and some badly written programs may assume that the userdata location when installed originally should always point to the profile of the installer, which may cause problems.

But most mainstream applications (e.g. MS Office) will work fine.

If you have problems with account creation and privileges, the MS website is usually a good place to find "how to's".

SD
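
Added example, not part of the thread: one way to create the named standard account described above and confirm it is in neither the Administrators nor the Power Users group. It assumes Windows 10 or later with Windows PowerShell 5.1 (the LocalAccounts cmdlets) run from an elevated prompt; the account name `partner` is a placeholder, and on XP the same steps are done with `net user` and `net localgroup`.

```powershell
#Requires -RunAsAdministrator
# Added example: create a standard local account and verify it has no admin rights.
# 'partner' is a placeholder account name (assumption, not from the thread).
$Name = 'partner'

# Well-known SIDs are used instead of group names so this also works on
# non-English Windows installs, where the groups are renamed.
$Privileged = @{
    'S-1-5-32-544' = 'Administrators'
    'S-1-5-32-547' = 'Power Users'
}
$UsersSid = 'S-1-5-32-545'   # built-in Users group

function Get-PrivilegedMembership {
    # Returns the names of privileged groups the account is a DIRECT member of.
    # Membership inherited through a nested domain group is not detected here.
    param([Parameter(Mandatory)][string]$UserName)
    $user = Get-LocalUser -Name $UserName -ErrorAction Stop
    foreach ($sid in $Privileged.Keys) {
        # Power Users may not exist on every edition; skip it if absent.
        $group = Get-LocalGroup -SID $sid -ErrorAction SilentlyContinue
        if (-not $group) { continue }
        $hit = Get-LocalGroupMember -Group $group |
            Where-Object { $_.SID.Value -eq $user.SID.Value }
        if ($hit) { $Privileged[$sid] }
    }
}

# Create the account only if it does not exist yet. New-LocalUser puts it in
# no group at all, so add it to Users (and nothing else) to allow logon.
if (-not (Get-LocalUser -Name $Name -ErrorAction SilentlyContinue)) {
    $password = Read-Host -AsSecureString "Password for $Name"
    New-LocalUser -Name $Name -Password $password `
        -Description 'Standard user, no admin rights' | Out-Null
    Add-LocalGroupMember -Group (Get-LocalGroup -SID $UsersSid) -Member $Name
}

# Verify the new account, then audit every enabled local account the same way.
$found = @(Get-PrivilegedMembership -UserName $Name)
if ($found.Count -gt 0) {
    Write-Warning "$Name is a member of: $($found -join ', ')"
} else {
    Write-Output "$Name is a standard user (not in Administrators or Power Users)."
}
Get-LocalUser | Where-Object Enabled | ForEach-Object {
    [pscustomobject]@{
        Account    = $_.Name
        Privileged = (@(Get-PrivilegedMembership -UserName $_.Name) -join ', ')
    }
} | Format-Table -AutoSize
```

The closing audit table also shows which day-to-day accounts on the machine still hold administrator rights.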