Virus / Malware nasty symptoms, failed attempts to solve

Hiya,

Our family pc downstairs was being used by our lodger the other day and it is now seriously troubled.

I'm guessing he downloaded something or clicked on a pop-up that said it has found a virus, trying to do the right thing but actually ending up installing something nasty.

Symptoms are:

There were 3 different malware type removers on the desktop (presumably fake).

'VIRUS ALERT!' is displayed in the bottom right of the taskbar where the clock usually is.

Pop up messages keep appearing saying 'Someone is trying to access your pc, suspected internet attack...' Or words to that effect.

Internet explorer directs to a malware remover type site.

During an AVG scan of the system (in normal mode) it gets to about 26000 files scanned and then slows to a really slow rate. 1 file every few seconds.

The start menu has been completely modified, most everything has been removed. I can't start programs at all and also CTRL + ALT + DEL does not bring up task manager. A message saying 'this function has been disabled by your administrator'. I also cannot start My Computer (the icon is not there).

The pc was left on for some time before I disconnected the internet.

If I start XP in safe mode I was able to install and run some of the recommended programs in the 8 Step Virus Instructions. XP was that compromised that I had no way of accessing them in normal mode.

Malwarebytes Anti-Malware found many instances of malware.

I was not able to install SuperSpyware Home edition, in both normal mode and safe from logged in as the administrator a message pops up to say 'the system administrator has set policies to prevent this installation'.

Having read some of the FAQ it seems like a re-format is the obvious choice. We do use that pc for online banking.

Can anyone have a look at the log files and throw some light on them? I know a little about PCs but not a great deal. Any assistance would be much appreciated.

Thanks,

Rob
 
Hi:

For the Symptoms you described ("Rogue" Program), Malwarebytes' Anti-Malware is the TOP Choice. IF that program did not completely "reverse" what your Lodger did and you do Online Banking, the safest Choice would be to re-format and re-install the Operating System. Why you would let a Lodger use a computer that you do Online Banking is beyond me.
 
Calling him a lodger isn't correct, strictly speaking, I live at home with my folks (still) and our lodger is my best mate since I was about 13. An extended family member not a character of suspicion.

He thinks he opened up some junk mail before it started to happen.

Anti-Malware has done nothing to put right the crazy bugged start menu...

It's not really an issue for me as I have my own pc in my room but my folks will be a bit troubled by a re-format, I'm sure. But it's looking like a re-format and letting the banks know and changing all passwords on banking...?
 