Computer Virus problem - Windows XP media edition

[The Sandlot]

I'm using the livingroom computer. fyi

While I was at work my brother(17) was wanting to watch a movie on my computer. He visited some random website that he does not remember the name of when said website asked him to download/install a divx program to be able to view the movie. that's when shtf.

symptoms:

-Said virus changed my backround image to 'your computer is infected, etc.'. I changed the image back to my normal backround image.

-I was unable to access task manager because said virus disabled it. After some scans I can now access it.

-I attempted to do a system restore to a later date, but all dates were deleted. At first I was only able to access system restore via safe mode, but now after some scans I can access via normal mode.

-Mozilla Firefox was deleted/uninstalled and Internet Explorer is not working.

-I have no internet connectivity at all and it seems that the said virus deleted the network that I connected with i.e. when you go to network settings it shows which connection you're using.

-Programs such as Hijackthis, Malware - anti malware, microsoft malware remover, do not run because the comp throws out an error saying that i'm unable to use them due to administrative purposes.

what i have done so far

Ad aware 6.0 was not deleted so I ran that and it found 15 infected files and it got deleted.

I re-installed malware anti-malware and it found 45 infected files and I deleted them, but now the program does not run. Everytime I re-install the program when the scan wants to begin, the program shuts down. When I try to re open the program I get an error saying that I'm unable to use it.

I ran CCleaner and it deleted 200mb of crap.

I've been using my ipod nano(2gb) to transport anti-virus programs from the clean computer over to the infected computer since I'm unable to access the internet with the infected computer.

I installed avira antivir and ran a scan and it found 22 infected files, some trojans, they got 'repaired'.

I am unsure on what my next move should be. I have 4 years worth of photo's, music, and misc. files that I have accumalated and I do not wish to reformat.

I would appreciate any help/advice, thanks.

 

[btk1w1]

First thing it get your photos, music, movies or any data you want to save off the pc.

Burn the files to disc, use and external HDD or any other method for safe keeping.

I realise that this is not always practicable, but it is safest. Best if you burn them to disc, then you will always have them.

Are you still able to access safe mode?

 

[million3g]

go in safe mode and run Malwarebytes’ Anti-Malware. see if that helps. but def do a backup. in the long run you might have to reinstall the OS. Which is good any way really. You can start fresh.

 

[aford10]

^ +1
Boot into safe mode and run malewarebytes. It's a great free program and should be able to fix you right up.

 

[number13]

maybe easier to restore the computer to a earlier time and it will remove the host files and any corruptions that have occoured since, so do a restore to an earlier time, Start, All Programs, Accessories, System Tools, System Restore

 

[blackhawk1928]

Well...buddy sorry to be have the really bad news but the first thing most viruses do when they infect your computer is disable your system restore and delete all the points in it. The next thing they do is disable any other threat which is programs like malwarebytes and any kind of scanners, all this or most of it is done through your registry. You can ofcourse fix it but your registry has millions of keys and the virus has most likley changed or deleted many of them, you can redo everything but not many people know how to do that and repairs can cost hundreds. Therefore pretty much your only option is your last measure, its something that always works and cleans everything out...i am sure you know what that is. However here is a very important note: If your virus goes out of your windows folder and registry and infects the rest of your computer, it can infect your multimedia and all that stuff, therefore copy all your multimedia and anything that is important to another hardrive, however once you reinstall your OS, dont connect your hard drive back is it might be infected!! Before connecting it back, make sure have a good anti-virus (updated to latest version) installed and malwarebytes-Antimalware installed, updated, and ready to rock n roll so as soon as you connect it back run a full scan of that hard drive incase the virus infected your multimedia folders. Or better yet connect to another computer you dont care about and run the scan there

-*Side Note* even if you get the virus out, once the damage has been there is no turn back thats why the only to protect yourself is make sure you dont get infected in the first place, once you are infected, with most viruses, you are done my friend.
-ANALOGY:::Its like pretend a bullet is a virus, and a doctor is an anti-virus, and a person is the computer. Lets say the bullet hit the person in the leg. The doctor ofcourse removed the bullet which is the virus but the bone in the leg has been fractured and some veins poped meaning there is already damage and taking the bullet out wont fix everything.

 

[montyuk]

see my earlier post on removing av2009 and advice for getting malwarebytes working.

really should be turning off restore as its highly likely to be infected anyway.

 

[aford10]

Well...buddy sorry to be have the really bad news but the first thing most viruses do when they infect your computer is disable your system restore and delete all the points in it. The next thing they do is disable any other threat which is programs like malwarebytes and any kind of scanners, all this or most of it is done through your registry. You can ofcourse fix it but your registry has millions of keys and the virus has most likley changed or deleted many of them, you can redo everything but not many people know how to do that and repairs can cost hundreds. Therefore pretty much your only option is your last measure, its something that always works and cleans everything out...i am sure you know what that is. However here is a very important note: If your virus goes out of your windows folder and registry and infects the rest of your computer, it can infect your multimedia and all that stuff, therefore copy all your multimedia and anything that is important to another hardrive, however once you reinstall your OS, dont connect your hard drive back is it might be infected!! Before connecting it back, make sure have a good anti-virus (updated to latest version) installed and malwarebytes-Antimalware installed, updated, and ready to rock n roll so as soon as you connect it back run a full scan of that hard drive incase the virus infected your multimedia folders. Or better yet connect to another computer you dont care about and run the scan there

-*Side Note* even if you get the virus out, once the damage has been there is no turn back thats why the only to protect yourself is make sure you dont get infected in the first place, once you are infected, with most viruses, you are done my friend.
-ANALOGY:::Its like pretend a bullet is a virus, and a doctor is an anti-virus, and a person is the computer. Lets say the bullet hit the person in the leg. The doctor ofcourse removed the bullet which is the virus but the bone in the leg has been fractured and some veins poped meaning there is already damage and taking the bullet out wont fix everything.

This is true in some cases, but not all. Many times the virus/malware/worm whatever it may be, can be removed relatively easily. Most are dormant in safe mode, which is where the OP would want to run a scanner such as malwarebytes. The extent of the damage will then determine whether a format is necessary. As the doctor in your analogy would say, you first try to save the leg before you amputate it.

 

[blackhawk1928]

^+1 Good point, some cases you need to amputate and in some cases you can save it All depends on the virus you catch. I totally agree just forgot to mention that part.