TechSpot

Receiving 2 pop warnings of infection

By casper81
Mar 9, 2008
  1. PC is receiving to pop up messages, one in the bottom righthand corner (icon looks like the Widnows Security sheild). balloon message::
    Warning: Your computer is infected.
    Windows had detected spywre infection! Click this message to install last update of Windows security software.

    The second pop up is in the middle of the screen:
    Security Monitor: Warnin!
    Attention! System detected a potenial harzard (trojanSPM/LX) on your computer that may infect executable files. Your private information and PC safett is at risk. To get rid of unwanted spyware and keep your computer safe you need to update your current security software. Click yes to download official intrusion detection system (IDS software).

    Background, this my friends laptop for her business. When she gave it to me, all sorts of not so websites were coming up and a lot if other windows. I ran virus scans, many different spyware scans. These all found threats and deleted them, but these 2 messages keep popping up. Right now, I have the online scan running on it as mentioned in some instructions I found on this forum. I am at a loss. Would someone please guide me through how to rid these?!

    Thanks!

    Scan just finished: Detected Grayware/spyware HTTP Cookies (6 detected)
     
  2. casper81

    casper81 TS Rookie Topic Starter

    Hijack files

    See attachments
     
  3. kritius

    kritius TS Guru Posts: 2,084

    Hi casper81,

    The first thing that you need to do is follow all the instruction HERE eactly as they are described and post back in this thread with the three requested logs,
    • ComboFix
    • HJT and
    • AVG antispware

    as attachments. (see how here)

    Also check in your add/remove programs and see if you have any mention of
    MyWebSearch/MySearch
    if so remove them.

    Download SDFix and save it to your Desktop.
    • Run the SDFix.exe by double clicking on it.
    • Allow it to install into the default location which is normally c:\SDFix
    • Now please reboot your computer into Safe Mode (see here)
    • When you have booted into safe mode, open the C:\SDFix folder and double click RunThis.bat to start the script.
    • Type Y to begin the cleanup process.
    • It will remove any Trojan Services or Registry entries found and then prompt you to press any key to Reboot.
    • Press any Key and it will restart the PC.
    • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
    • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
    • Attach the Report.txt file to your next message.

    Good luck and if you have any questions then just ask.

    This thread is for the use of casper81 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  4. casper81

    casper81 TS Rookie Topic Starter

    Here are the 3 files requested. I think the system is clean now,

    I am wondering if I should delete some of the software I downloaded before I return the PC. Also, I have 2 Virus scans, which is better to use?

    Thanks for the help!
     
  5. kritius

    kritius TS Guru Posts: 2,084

    Id like to get someone else to have a look over your logs, there are some things in it that I dont like the look of.
     
  6. casper81

    casper81 TS Rookie Topic Starter

    Thanks. Please let me know the findings.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...