Re: I may have a virus, help!!!!
- From: Malke <notreally@xxxxxxxxxxxxxxx>
- Date: Wed, 26 Dec 2007 15:19:02 -0800
This is how it happened. I was chatting with someone in windows messenger and a link popped up. I clicked on it then my friend told me it was a virus. Since then everytime I try to use a program, the "Open With" window pops up and I have pick from a list or browse for the exe file. I also do not have access as an administratrion of my lap top. I really have a hard time installing or updating new programs. I have an HP laptop. I'm using windows XP. How can I fix this??? Any help on this matter will be greatly appreciated.
I'll give you general malware removal steps but if this is a domain-member machine and you don't have the local administrator password, you'll need to bring the computer to your IT Dept. for them to reimage. If this is a home machine, then see below.
Go through these general malware removal steps systematically - http://www.elephantboycomputers.com/page2.html#Removing_Malware
Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode. Please see the special Notes regarding using Multi_AV in Vista.
http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html - download site
The site is in German but David's tool is in English so don't let that worry you. Scroll all the way down to almost the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". You'll see "Download von www pctipp.ch" and the live link to download Multi_AV.
You can also check to see if there are targeted removal steps for your malware here:
Bleeping Computer removal how-to's - http://www.bleepingcomputer.com/forums/forum55.html
When all else fails, run HijackThis and post your log in one of the specialty forums listed at the first link above (not here, please).
Not all tools used will work in Vista and you will need to run them elevated. Since Vista is so new, it will be a while before removal techniques and tools are developed. If you are unable to remove the infection by following the general steps, register at one of the HijackThis forums as suggested.
Standard caveat: If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop (not your local version of BigComputerStore/GeekSquad). Please be aware that not all local shops are skilled at removing malware and even if they are, your computer may be so infested that Windows will need to be clean-installed. Have all your data backed up before you take the machine into a shop.
Elephant Boy Computers
MS-MVP Windows - Shell/User