Help! Mom and Pop store has computer problem!

[cuisinart]

Hello,

I am new here and in a bit of a bind. I own a small business but my windows xp has been hijacked by the "XP Security 2012" virus last night. I've frantically combed through the various threads and websites but it doesn't address my problem.

I understand that I have to use Malwarebytes, Superantivirus, or other virus scanners but the problem is that the "XP Security 2012" virus still pops up in Windows XP Safemode (even in network mode)!

I think I may have to delete regkeys but I don't want to play with that because this computer doubles as my cash register and if I do something wrong its really going to mess me up since I also have no experience with regkeys.

Can someone explain to this computer illiterate fool how to get rid of this virus step by step. Right now I am in a very tight situation.

Much appreciated!

 

[mibix19]

Hi. have a look at this http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011

 

[tech_99]

Hello,

1. Download FixNCR.reg and run it. Download link: http://download.bleepingcomputer.com/reg/FixNCR.reg
2. Download Malwarebytes Antimalware, SUPERAntispyware or any other malware removal tool and run a full system scan.
3. Update and run additional scan with your antivirus software.

If you can't download FixNCR.reg or you don't have another computer and you can't download/transfer FixNCR.reg to the infected one, you should follow the alternate removal guide given here: http://deletemalware.blogspot.com/2011/06/remove-xp-antispyware-2012-xp-internet.html

Also, you can actually active the rogue application by entering this key 2233-298080-3424. Then the rogue application won't display fake security alerts and won't block other programs. You will be able to download and run malware removal tools without any problems and so remove the virus a lot easier.

Good luck!

 

[cuisinart]

Hi. have a look at this http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011

Thank you very much for the link!

Also props to the other poster it really fixed my situation.

The key was the Fixncr and Rkill files that gave me back control of the computer.

Any suggestions on how I can avoid this virus in the future? I have no idea what I could have done to receive this problem.

Thanks!

P.s. I wish I could give you best reply too but I was already working with his link.

Should I worry if the virus may have stolen any sensitive information from my computer?

 

[cuisinart]

Best answer selected by cuisinart.

 

[mibix19]

Hi. Thanks for the best answer vote. If you keep your antivirus up to date and do a weekly malwarebytes scan you should be OK. Your sensitive information should be safe. CCleaner is recommended by this forum. download it and run the cleaner and registry checker/cleaner. You may be surprised at the rubbish that finds it way onto your computer.You may also want to avoid clicking links on the internet that will do a free check of your PC, unless you trust the site and link. Cnet is a trusted site for downloads. Glad you got it sorted.