Virus affected system

  bpzoom 19:01 25 Jul 2008
Locked

Despite all the Firewalls, CA anti virus protection, Windows Defender and several others installed and kept up to date, I have one machine which has been rendered nearly useless by some sort of virus attack. 4 out of every 5 boot ups I get just the desktop picture with no icons, and a frozen system. When Windows does load OK the machine is inundated with popups insisting that I am infected and by paying by credit card all will be cleaned up. The chief invader is called Advanced Anti Virus or AAV. Soething keeps turning off my Windows Something keeps turning off my Windows Security centre automatic upadtes. I turn it on, next time I boot OK it is off. I have purged the Startip itms, and deleted AAV entries from registry or so I thought. It is still there. One pop up allegedly from CA anti virus keeps telling me my license has expired and demanding payment. I know it does not expire until 2009. In general terms is there any software available which will clean up a system, or do I have to wipe it and begin again? Windows XP Home SP2.

  skidzy 19:07 25 Jul 2008

By the sound of it,a reformat could be the easiest route as the system is basically unworkable.

However, i think your going to need expert help on this if you wish to persevere with a cleanup.

Download Hijackthis click here (direct download)

And post the scan log at Malwareremoval click here

Please be paitent,the experts will help you.

  GANDALF <|:-)> 19:07 25 Jul 2008

click here should help or you could download superantispyware (free edition not ythe pro version) from click here Boot the computer into safe mode and run the programme. Delete all it finds.

G

  mfletch 19:27 25 Jul 2008

Its a rouge antivirus program,

MBAM will remove it for you,

click here

  woodchip 19:29 25 Jul 2008

Not a Virus its as above Highjacked by Malaware Program

  bpzoom 23:26 25 Jul 2008

Thank you all. I will pick my way through and see how far I get. I did not really think there would be an easy quick solution. I have never had this problem before.

  C3 08:59 26 Jul 2008

I'm finding with the new versions of the Vundo trojan and others, that although Malwarebytes and Superantispyware do a grand job of removing the problems, I still have to go in and fix the registry manually to allow access to the display options and other things that the infection has locked up.

  bpzoom 10:28 26 Jul 2008

C3 thanks, I know how to search the registry and delete traces of known unwanted files and folders, but any other change to the registry is beyond me. I don't know what you meant by "allow access to the display options and other things that the infection has locked up" My morale is lowering if deleting all traces of the invader from registry would not restore normaility by itself.

  C3 17:44 26 Jul 2008

I found a couple of registry entry downloads that fix the problems automatically for me so it makes life easier. I can't remember the site I got them from, but I just use Google to find what I need.


For your info -
Parts of the malware change settings in the Registry. I have had ones in the past 3 weeks that :

Deny access to Display Settings - Fixed by registry modification.
Remove all access to the root of the C: Drive. Essentially no links - Fixed by Antimalware program.
Task Manager is no longer available - Fixed by Antimalware program.

I don't go and play in the registry manually unless it is a last resort.

Don't lose morale. Run Malwarebytes and Antispyware in Safe Mode (I usually install and update them in Safe Mode With Networking), then once you have done that, boot normally and run Malwarebytes again. If it comes back clear, then you should be ok.

The longest clean I have had to deal with took me about 5hrs to remove the last bit of the virus, but that was exceptional.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

WPA2 hack: How secure is your Wi-Fi?

HP’s new Surface Pro rival is designed specifically for Adobe-using designers and artists

Best kids apps for iPhone & iPad

Que faire si son iPhone ou iPad est tombé dans de l'eau ?