Sign in with
Sign up | Sign in
Your question

Infected with spyware?

Last response: in Windows XP
Share
Anonymous
January 5, 2005 5:15:02 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

When I start my PC, a window appears:

Your Windows is corrupted with spyware virus.
You must patch your pc urgently to protect yourself.
Private info is accessed by ports:

- 8080
- 3128

You can patch your PC for free only now and delete all spyware viruses.

Click OK to choose and download free spyware removal using AntiSPY.


When I connect to the internet, a different window appears:

WARNING!

---- YOUR PC WILL NOT BOOT NEXT TIME WITHOUT URGENT PATCHING ----

Our analysis shows that your PC is infected with spy software.
You have been infected with '___winSterHJK v.2011.'
Your PC is now accessed through ports:

- 3128
- 8080

Your private information is in danger.
Patch your PC immediately for free.
No money, no credit card, all downloads are CNET certificated.
We're the team of volunteers helping to fight with spyware.

Click OK to choose and download free spyware removal using AntiSPY.


Then new page opens, it's adress is:

http://www.hotoffers.info/a0002/warning/danger.html


Beside this warnings, I cannot change the adress of my home page in IE other
than: http://www.hotoffers.info/

I'm using Windows XP Professional, SP1 with all updates.
I even tried install SP2, but no changes.

Thank you for any reply.

More about : infected spyware

Anonymous
January 5, 2005 11:32:58 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt333.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point


* * * Please report your results ! * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html






"bobo72" <bobo72@discussions.microsoft.com> wrote in message
news:FF94ED16-F530-4880-871E-32D3806A1935@microsoft.com...
| When I start my PC, a window appears:
|
| Your Windows is corrupted with spyware virus.
| You must patch your pc urgently to protect yourself.
| Private info is accessed by ports:
|
| - 8080
| - 3128
|
| You can patch your PC for free only now and delete all spyware viruses.
|
| Click OK to choose and download free spyware removal using AntiSPY.
|
|
| When I connect to the internet, a different window appears:
|
| WARNING!
|
| ---- YOUR PC WILL NOT BOOT NEXT TIME WITHOUT URGENT PATCHING ----
|
| Our analysis shows that your PC is infected with spy software.
| You have been infected with '___winSterHJK v.2011.'
| Your PC is now accessed through ports:
|
| - 3128
| - 8080
|
| Your private information is in danger.
| Patch your PC immediately for free.
| No money, no credit card, all downloads are CNET certificated.
| We're the team of volunteers helping to fight with spyware.
|
| Click OK to choose and download free spyware removal using AntiSPY.
|
|
| Then new page opens, it's adress is:
|
| http://www.hotoffers.info/a0002/warning/danger.html
|
|
| Beside this warnings, I cannot change the adress of my home page in IE other
| than: http://www.hotoffers.info/
|
| I'm using Windows XP Professional, SP1 with all updates.
| I even tried install SP2, but no changes.
|
| Thank you for any reply.
Anonymous
January 6, 2005 11:03:04 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

excuse me for intervening but I have a similar problem. I want to clarify
two points.
7 Reenable systemrestore.

exactly how do I do that.

-9 Create a new Restore point

I don't know what you mean by that. Could you please explain that and tell
me how to do it?

Do I already have a restore point?

dennist685
"David H. Lipman" wrote:

> 1) Download the following three items...
>
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend Pattern File.
> http://www.trendmicro.com/download/pattern.asp
>
> Adaware SE (free personal version v1.05)
> http://www.lavasoftusa.com/
>
> Create a directory.
> On drive "C:\"
> (e.g., "c:\New Folder")
> or the desktop
> (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
>
> Download Sysclean.com and place it in that directory.
> Download the Trend Pattern File by obtaining the ZIP file.
> For example; lpt333.zip
>
> Extract the contents of the ZIP file and place the contents in the same directory as
> sysclean.com.
>
> 2) Update Adaware with the latest definitions.
> 3) Disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
> 4) Reboot your PC into Safe Mode and shutdown as many applications as possible
> 5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
> platform and clean/delete any infectors/parasites found.
> (a few cycles may be needed)
> 6) Restart your PC and perform a "final" Full Scan of your platform using both the
> Trend Sysclean utility and Adaware
> 7) Re-enable System Restore and re-apply any System Restore preferences,
> (e.g. HD space to use suggested 400 ~ 600MB),
> 8) Reboot your PC.
> 9) Create a new Restore point
>
>
> * * * Please report your results ! * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
>
>
>
>
>
>
> "bobo72" <bobo72@discussions.microsoft.com> wrote in message
> news:FF94ED16-F530-4880-871E-32D3806A1935@microsoft.com...
> | When I start my PC, a window appears:
> |
> | Your Windows is corrupted with spyware virus.
> | You must patch your pc urgently to protect yourself.
> | Private info is accessed by ports:
> |
> | - 8080
> | - 3128
> |
> | You can patch your PC for free only now and delete all spyware viruses.
> |
> | Click OK to choose and download free spyware removal using AntiSPY.
> |
> |
> | When I connect to the internet, a different window appears:
> |
> | WARNING!
> |
> | ---- YOUR PC WILL NOT BOOT NEXT TIME WITHOUT URGENT PATCHING ----
> |
> | Our analysis shows that your PC is infected with spy software.
> | You have been infected with '___winSterHJK v.2011.'
> | Your PC is now accessed through ports:
> |
> | - 3128
> | - 8080
> |
> | Your private information is in danger.
> | Patch your PC immediately for free.
> | No money, no credit card, all downloads are CNET certificated.
> | We're the team of volunteers helping to fight with spyware.
> |
> | Click OK to choose and download free spyware removal using AntiSPY.
> |
> |
> | Then new page opens, it's adress is:
> |
> | http://www.hotoffers.info/a0002/warning/danger.html
> |
> |
> | Beside this warnings, I cannot change the adress of my home page in IE other
> | than: http://www.hotoffers.info/
> |
> | I'm using Windows XP Professional, SP1 with all updates.
> | I even tried install SP2, but no changes.
> |
> | Thank you for any reply.
>
>
>
Anonymous
January 6, 2005 2:54:15 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Replies are inline...

"dennist685" <dennist685@discussions.microsoft.com> wrote in message
news:10B2000D-96E8-4A09-B027-78042FBE1371@microsoft.com...
| excuse me for intervening but I have a similar problem. I want to clarify
| two points.
| 7 Reenable systemrestore.
|
| exactly how do I do that.

Go to the following URL and do the OPPOSITE of disabling the System Restore cache
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.


|
| -9 Create a new Restore point
|
| I don't know what you mean by that. Could you please explain that and tell
| me how to do it?


Go to...
Start --> programs --> acccesories --> system tools --> System Restore

It will give you the options to either Restore to a point or create a new restore point.
Just choose to create a new restore point.

Dave







| Do I already have a restore point?

You should. The system should automatically create them under certain circumstances such as
installing some new MS Software.

--
Dave



|
| dennist685
!