MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: Spyware "warning" and fake windwos update sitel
August 21, 2019, 07:33:28 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
August 21, 2019, 07:33:28 PM

Login with username, password and session length
 
News
New  Got pics of your modded PC or want to show off your cool desktop, visit our new Show & Tell forum!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: Spyware "warning" and fake windwos update sitel  (Read 1172 times)
Sgt_Zero
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1


Bookmark and Share

View Profile
« on: October 22, 2005, 12:37:58 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:Windows Xp Home SP2
Problem Application Name & Version:Windows Xp Home SP2
Problem Hardware Make & Model:Acer 1362LMi
Error Messages:Fake windows update in IE


So i'm trying to fix my brothers laptop. When the machine starts there is a popup complaining about a spyware and it then opens as fake windows update site. And if i try to open Internet Explorer it points to the fake windows update site no matter what.
I have run Norton Antivirus, Ad-Aware, Spybot Seach & Destroy and Antivir but haven't been able to remove this fake warning and update site.

Logfile of HijackThis v1.99.1
Scan saved at 13:56:47, on 22-10-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\F
Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #1 on: October 22, 2005, 10:20:46 PM »

Hello and Welcome to MyTechSupport.ca

Download SmitRem.zip and save the file to your desktop.
Right click on the file and extract it to it's own folder on the desktop.

Place a shortcut to Panda ActiveScan on your desktop.


Please download the trial version of  Ewido Security Suite


Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.


If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!


Next, please reboot your computer in SafeMode (By repeatedly tapping the F8 key until the menu appears).



Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply


Open Ad-aware SE and do a full scan. Remove all it finds.


Run Ewido Security Suite:

    • Click [Scanner]
    • Click [Complete System Scan] to begin scanning.
    • Click [OK] when prompted to clean files
    • With the first file it prompts to clean, select the option -  "Perform action on all infections" - & choose clean and click [OK].
    • Once finished, click the [Save report] button
    • Save the report to your desktop
Close Ewido

Next go to Control Panel click Display > Desktop > Customize Desktop > Website > Uncheck "Security Info" if present.

Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan. Make sure the autoclean box is checked!
Save the scan log and post it along with a new HijackThis Log and the Ewido Log.
« Last Edit: October 22, 2005, 10:22:04 PM by Geekgirl » Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page October 03, 2016, 01:28:10 PM