Virus Help please

[silentrunner]

My parents desktop which runs on Windows XP has been infected. My dad turned his computer on and a fake anti-virus program prompted him for installation. It also changed the desktop background to a fake warning message. Avast detected two infected files one was in my documents, and the other is in a WINDOWS file. I can't delete that file repair it. When I try to repair it It sais access denied. Will I have to reinstall XP or what? plz help

[FIREWALL]

If you still have some control of your computer D\L SuperantiSpyware . It's free and kicks ass.

I had a similar problem that put Symantec\Norton on it's knees.

This fixed it immediately.

[Thomen]

Quote:

Originally Posted by silentrunner

My parents desktop which runs on Windows XP has been infected. My dad turned his computer on and a fake anti-virus program prompted him for installation. It also changed the desktop background to a fake warning message. Avast detected two infected files one was in my documents, and the other is in a WINDOWS file. I can't delete that file repair it. When I try to repair it It sais access denied. Will I have to reinstall XP or what? plz help

Boot into safe mode with networking and then run an online virus scanner like housecall.

[silentrunner]

I did another virus scan, and Avast detected a Rootkit, I am in the process of scanning during boot time, because it would not let me run a scan wile the virus was activated. How would I go about getting rid of the rootkit?

[Gato76]

same thing happen to me 2 weeks ago, i start my pc and i was welcome by a blue and yellow sign telling me You have malaware install antivirus,i couldn't get rid of the damn thing and i can fix any problem on a pc ,it was just nasty,back up your files and format the hard drive.that's the only way to fix it

[Task Force]

I tell you the people who start and make Virusis realy need to go get a life (or a Job.) You should probably do a Virus sweep to see if you could do it the easy way. (If someone put a Virus on my machine Id be P***** off. Thats why Subsim is the only place I download free stuff from.)

[Blacklight]

If you can get to it... try this. It works wonders. Do a Full Service Scan. It takes several hours, but it works really well and it also cleans the registry, and all kinds of other good stuff. This is the only thing that got rid of the Virtumonde virus when my PC got infected with it.

http://onecare.live.com/site/en-US/d....htm?s_cid=sah

[Jimbuna]

You could try either of these:

http://www.kaspersky.com/

http://housecall.trendmicro.com/uk/

Quote:

Originally Posted by Task Force

I tell you the people who start and make Virusis realy need to go get a life.

Actually, once I am Evil Overlord of the Earth, they'll be hunted down like rats,
put on public display via world-wide TV, and everyone will watch as a firing squad
puts 30 clips of ammo into their worthless bodies, which are then left to rot in the
street as an example of what happens if you infect the computer belonging to the
Evil Overlord of the Earth.

[SUBMAN1]

Quote:

Originally Posted by Zayphod

I'd have to say that this would make me lose any real respect for the person with a head on a stick by his front door. I might respect the fact that I might also have my head on the stick, but this is a good example of people thinking that respect means power. Hardly. Respect means honesty and integrity. That is what gets 'real' respect.

Don't let me highjack the thread of course!

-S

[mcf1]

I had a similar problem a couple months ago.
A message pop up on the IE window and said "your computer has been infected download (a program I don't remember the name) and run a FREE scan, the thing is that my PC downloaded ran the scan itself. And it said that the whole PC was scanned and about 120 threats were found, the scan lasted only a few seconds.
The WHOLE pc scanned in only seconds and I'm talking about 120GB of USED hard disk space, my antivirus would need hours to do that .
And I was supposed to pay 50$ to "get rid of the threats"
I had only 1 solution in mind, reinstal windows.
My opinion about these "threats" is that you get them from some "whannabe" companies or hackers that want to sell their fake software.

That's it. I left my anger about that out and now I'm feeling great

[SUBMAN1]

Avast should get it during the boot time virus check, but since no drivers are loaded to speed up your HD during this test, it TAKES FOREVER!!!

Works though.

Second thing you need to do is download AdAware. Make sure you update the definitions. That will squash all the bugs that are spyware, and this app you are dealing with is spyware by the way.

When you are done with the Adaware scan, you need to pull up a run box and type services.msc. This will bring up the page of services on the machine - stop the Adaware service, and then set it to manual on boot up. This will prevent it from interfering with our next app.

Download Spybot Search and Destroy. Update its definitions and then run a scan with this. It will pick up what the other missed. This will take a long time too. Worse, it will most likely find something that can't be removed while the system is running, and it will want to shut down and scan at boot up in a not so similar manner to Avast that you describe above (except that it will boot further into the system). This will also take forever.

When all is said and done, pull up a runbox and type in cmd. In the command window, type in chkdsk /f to make sure your file system is intact (It is good to do this once in a while to avoid corruption). It will also want to reboot the machine, but it doesn't take very long.

Another thing you might want to follow up with is to Defrag your HD at some point. Should make things boot quicker in the future.

That is the process I would use if I were doing it. I've done it enough in my life to know what works. That is the reason I tell you to run those 2 Spyware checking apps in that order (They are the best in the business for spyware checking by the way). One will catch what the other misses.

I hope this helps, and let it be known, it is a very long process.

-S

[Digital_Trucker]

After you get it cleaned up, use Spybot Search and Destroys "immunize" function to help avoid future infestations. Spyware Blaster and Ad-Aware 2008 are also good tools to help avoid/get rid of adware and other malware. Most important (as has been stated before) is keeping all of these protection tools updated and using them on a regular basis.

[silentrunner]

I think I might just format the hard drive just to make shure the root kit is gone. There was actually three things at once. A VB virus that was the first one to appear. THen the next it booted the fake antivirus software poped up. Avst then dtected the trojan, but I could not dlete the filr. Than a while later it dtected that a root kit had been installed. So just to be 100% safe I am going to format the hard drive.

[Jimbuna]

Reformatting is always the 100% surefire way of disposing of a nasty, but what a price to pay