Had this question 9
Bobby Mikkelson asked on

Warning: Security related E-Mail Hoax stating that network is infected.

Microsoft has recently become aware of an email hoax that begins like the following:

"Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected..."


This is not a legitimate communication from Microsoft and the link within that communication points users to a 'rogue' security program.  These rogue programs generate misleading alerts and false detections of malicious code to convince users to purchase the illegitimate security software.  Some rogues may display product names or logos in an apparent unlawful attempt to impersonate Microsoft products or other legitimate software applications.


If you believe your machine has become infected, we encourage you to use the Windows Live OneCare Safety scanner to check your PC for malware and to help remove them from your system.  In addition, we encourage you to submit any other suspicious files to the MMPC team for analysis.

If you do not have an antivirus/antispyware software on your machine, you download Microsoft Security Essentials or choose from a list of other software providers:  Windows 7 security software providers, Windows Vista security software providers, Windows XP security software providers.


You can also find out how to get free virus-related assistance from Microsoft here: http://www.microsoft.com/protect/support/default.mspx.


Thank you
Found this helpful 0
AKGRAM replied on
I received a message from what I thought was Windows Security with a notice that my computer had been infected.  The file was loaded onto my desktop.  Then it became almost impossible to remove.  I have a program that is called "PC Tools Doctor" that appears to have removed it.  (At least I thought so).  Now when I attempt to get onto the internet, I constantly get a red box that states my computer is at risk and is asking me to register this antivirus "worm" program that I had removed (or so thought I had).   The web address is : blank.  I am attaching a copy...

Please help.

Found this helpful 0
elrey57 replied on
it looks like my machine is infected. When I try to log on, it says "saving personal sttings" and then logs me off. Any other way to get in and remove this Trojan. I have norton symantec internet security installed.
Found this helpful 0
ksreek replied on


This is for elrey57 :

The Winlogon.exe & userinit.exe Files Needs to be Replaced From the Original Re-installation Media

Check if it works in Safe mode if it works .

Else  try the following WOrkaround

Boot using your winxp cd.
Enter recovery console.
at the command prompt go to


next type:
Dir *.exe

If you find, it, type
copy userinit.exe wsaupdater.exe

Exit and reboot normally. You should now be able to logon.
Run regedit

Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

In the right pane, you should see

Change it so that it reads:

Good Luck !

Microsoft PSS
Found this helpful 0
Build4u replied on


This same thing just happened to our computer, have you figured out how to remove the file?
Found this helpful 0
elrey57 replied on


i have not fixed my machine. Kinda scared that I might mess it up even worse.

Found this helpful 0
Belly2009 replied on
That is what happend to me...& I would love to download from microsoft to fix the problem however I cannot log on at all.  Windows appears to start normally, gets to log on screen, accepts user name & password then logs off again.  Cannot log on as administrator or in safe mode. Any suggestions?