I was out of town on business last night when my daughter calls with this problem. She was using google for some information, went to a site it had a check mark next to as safe, received a pop-up that was any thing but. It fooled her by suggesting her computer had an issue and to click "here". Ok, we all make stupid mistakes and she's a kid so life happens. She called my cell phone.
Once infected none of the .exe files would work so when I guided her to run Super Antispyware Pro, it wouldn't work. I calmed her down, reminded her it was just a computer and today when I returned I did the following but still having issues. It's a Windows XP 32bit OS.
I have AVG, Spybot Search & Destroy, and Super AntiSpyWare Pro loaded on her PC, in addition to the windows Firewall active.
1) Logged in normally and unable to execute any files, so not able to scan. I did get a AVG notice that there was a Generic Trojan 18 TXN, asked me if I wanted to continue to block (i said yes) and asked me to clean but would not execute the process.
2) Logged in Safe Mode as Admin. Was able to run AVG & Spy Bot and removed the Trogan.
3) Logged in normally as my daughter ran some more scans and the system was clean. Opened her preferred browser "Google Chrome" and unable to access the Internet. Icon for Internet Explorer exists but she doesn't use it and that short=cut opens Chrome so up to this point no browser working. Opened Firefox and that works. So only Internet access is through Firefox.
3) Noticed another very odd thing. I was able to update AVG & Spy Bot via the Internet and get new updates, but for the Supery Spyware Pro. program was unable to get updates. I tried every thing; uninstalled, reinstalled, re-registered, deleted it from Firewall, added it back in to exceptions. rebooted, etc., never able to get updates; it reads "Can't get updates, check firewall.
4) I notice her wireless is connect using Windows XP and I have a Linksys Router. This happens occasionally so not odd, but trying every thing I turn off the Windows XP wireless connection and enable the Linksys software to connect to the router through its software. That goes fine but did not ask me for the KEY. That has never happened before. I was able to connect to our wireless network without having to put the key in. Now perhaps her PC remembered it, but normally if she is connected via Windows XP and I change it to the Linksys software and connect it always prompts me for the key.
Clearly this computer is still messed up but I'm not sure what else to do. I'm concerned some stuff in the registry remains borked as well as some dll files.
I have downloaded the setup files for Google Chrome and IE, but haven't installed them. I'm thinking in the same way the Supervirus Spyware program is corrupted and remains so even after uninstall and reinstall, I'm expecting the same shit to happen with the browsers
When she first told me about this problem last night I asked her to run the Super Spyware Program, so perhaps by doing that the virus or computer is blocking its ports and that's why I can't get out to update it even after a reinstall. Perhaps because she was using Google Chrome while infected, some thing similar is occurring there. I'm real close to just backing up all her data and replacing her hard drive.
Should I try to restore to an earlier save point?
Any suggestions folks short of bringing this PC in to a shop?
Thank you -CC
Once infected none of the .exe files would work so when I guided her to run Super Antispyware Pro, it wouldn't work. I calmed her down, reminded her it was just a computer and today when I returned I did the following but still having issues. It's a Windows XP 32bit OS.
I have AVG, Spybot Search & Destroy, and Super AntiSpyWare Pro loaded on her PC, in addition to the windows Firewall active.
1) Logged in normally and unable to execute any files, so not able to scan. I did get a AVG notice that there was a Generic Trojan 18 TXN, asked me if I wanted to continue to block (i said yes) and asked me to clean but would not execute the process.
2) Logged in Safe Mode as Admin. Was able to run AVG & Spy Bot and removed the Trogan.
3) Logged in normally as my daughter ran some more scans and the system was clean. Opened her preferred browser "Google Chrome" and unable to access the Internet. Icon for Internet Explorer exists but she doesn't use it and that short=cut opens Chrome so up to this point no browser working. Opened Firefox and that works. So only Internet access is through Firefox.
3) Noticed another very odd thing. I was able to update AVG & Spy Bot via the Internet and get new updates, but for the Supery Spyware Pro. program was unable to get updates. I tried every thing; uninstalled, reinstalled, re-registered, deleted it from Firewall, added it back in to exceptions. rebooted, etc., never able to get updates; it reads "Can't get updates, check firewall.
4) I notice her wireless is connect using Windows XP and I have a Linksys Router. This happens occasionally so not odd, but trying every thing I turn off the Windows XP wireless connection and enable the Linksys software to connect to the router through its software. That goes fine but did not ask me for the KEY. That has never happened before. I was able to connect to our wireless network without having to put the key in. Now perhaps her PC remembered it, but normally if she is connected via Windows XP and I change it to the Linksys software and connect it always prompts me for the key.
Clearly this computer is still messed up but I'm not sure what else to do. I'm concerned some stuff in the registry remains borked as well as some dll files.
I have downloaded the setup files for Google Chrome and IE, but haven't installed them. I'm thinking in the same way the Supervirus Spyware program is corrupted and remains so even after uninstall and reinstall, I'm expecting the same shit to happen with the browsers
When she first told me about this problem last night I asked her to run the Super Spyware Program, so perhaps by doing that the virus or computer is blocking its ports and that's why I can't get out to update it even after a reinstall. Perhaps because she was using Google Chrome while infected, some thing similar is occurring there. I'm real close to just backing up all her data and replacing her hard drive.
Should I try to restore to an earlier save point?
Any suggestions folks short of bringing this PC in to a shop?
Thank you -CC
Last edited: