Help! I have a virus ...........

I haven't looked at that site yet so I'll try it - thanks!

you are very welcome..that is what they told me to do and it got rid of whatever it was....it is safe

Its called Ad-Aware 2007 its at the top of the page...click on free version

sorry, i didn't see you mentioned "bleeping computer" Cherokee_Rose, another good site...a lot of the same people from "the elder geek".

I've had a look at that site too - it's full of useful information for someone like me who doesn't know much about these things! I've tried a few things so far and it does seem to be working better but there's definitely still something on here so going to do the "hijack this" thing. Thanks!

no problem. i've had similar problems to what you mention (pages and pop ups that come up and drive you nuts) there's something out there called "combo fix" that pretty much will knock anything out, and i have ran it on my own with no problems (it changes minor settings that you can fix) but it comes with a warning that you should only use it with a pro. walking you through it, but like i said, iv'e used it with no ill effects. anyways, just thought i'd mention it.

well - I have downloaded Combo fix but haven't used it yet. Was a bit nervous of using it because it sounds pretty powerful! However, it's good to know you've used it and your pc survived lol!

By the way, just in case you (or someone with physical access to your computer) fall for a similar trick in the future, you might be interested in knowing how to lock the kernel. In order to start with Windows, malware must be able to install/modify a system service or driver, write to the registry, or both. Disabling write-access to these regions foils the attack. Here is one method that works on all versions of Windows 2000, XP, and Vista: http://invincible-windows.blogsplot.com/

Hi Gabs - I haven't tried that anti-virus although in the last day or so I've downloaded that much stuff to try and fix this that I'm not sure what I've all got on this pc now lol! Will try that one too though xxx

Just type Antivir into your Browser but do get rid of the others you downloaded because if you have to many on the Computer they will not work as good believe it or not, once you are on the Site just follow download Instructions if you need to know anything shout ok

Not so fast. Did you try my response Stilleto?

I'm going to get rid of this flipping thing first (even if it kills me - or my pc!) but will look at Antivir when my pc is back to normal. I've used AVG for ages and have always found it very good but it can't cope with this one! Although to be fair having read about the infection it seems most anti-virus programs can't deal with it anyway but I'm disappointed AVG let it through without even warning me.

Well the malware got through and did this due to your clicking it (many people do this). Many bad programs sliver in like this and they go right to work blocking antiviruses and attaching themselves to prevent removal under normal conditions.

If you need some safety programs for consideration heres a list of 15 items you could use. Of course you'll have to pick and choose, but many of the programs are quite handy.

Did I mention most of these are free to use...

http://www.pcworld.com/ar...

Hey pro thanks for this I will take a look as well

That's another really useful link - thanks progamer!

I've done so much stuff to it in the last couple of days and it is working better so I've obviously got rid of some things but it's still not ok so there is definitely something still on it. I'll try scanning in safe mode first to see if that works but if not I'll try to repair it. Thanks for the link!

if you're going to go to the extreme of reformating or wiping clean your hard drive, i'd go ahead and try the combo fix you downloaded. just don't mess with it...let it run till it reboots your computer and gives you a report.

Well I've tried scanning in safe mode and unfortunately it didn't work. It detects the infected files but can't quarantine them and I can't delete them. The combo fix thing scared me a bit when it came up with the stat about 1 in 100 pc's don't survive the procedure - or something like that anyway! I so don't want to reformat though. I'm going to try the combo fix now and if that doesn't work then it's the repair.

There is AVG rootkit as another option and I left the link for it in a response above. If you don't want to do that, then its understandable.

The only other thing I can think of trying is a system restore.

I was looking at AVG Rootkit actually when I followed your link. Hmm, I don't know ... I can't do a system restore because it won't let me. I've tried a few times but it keeps failing, which is apparently something that this particular virus does. I swear if I could get hold of the person responsible for this I would cause them physical harm lol!! I shall never again click on a link that comes through IM - no matter how genuine it looks.

I found this website which has removal tactics for a certain MSN messenger virus. Did yours come with a toolbar?

Either way, should be worth a look.
See if you have anything this website describes Stilleto

http://www.technibble.com...

And here are some other websites that maybe of value.
They describe MSN messenger viruses and removal strategies

http://www.digital-life-e...
http://www.trap17.com/ind...
http://ezinearticles.com/...

Thanks so much for those links - have had a look at them and the first one sounds a lot like what I have although I don't have a toolbar. Will try it in the morning. Its now 2am here and I've spent almost the whole day trying to get rid of this thing!! Will let you know how it goes!

Well it's finally gone I hope! Can't believe I've spent 2 or 3 days on this. I will never again click a link that comes through IM anyway - I've learned my lesson. I ended up using Combo Fix which seemed to more or less fix it completely but I also used AVG anti-spyware which seems really effective. Anyway, thank you so much for your help with this progamer - I now intend to make my pc like a fortress, not going through all this again!

Okay, great to hear!
Glad to help Stilleto... hopefully you know that.

And about AVG antivirus...
For a real time scanner shield after AVG-Antivirus "full" expires, you should look into Spyware Terminator. That has a realtime shield.

You're always so smart and helpful, to be honest I was really hoping you would come into this discussion. We've discussed this before but you would have an 11 star if it was up to me xx Anyway I will be very, very careful in future and am going to check out all the info that's been left on this discussion so there will hopefully be no repeat disasters in the future!

I'm trying to avoid having to pay someone to sort it out but I may well end up having to do that lol! Thanks for responding itsmepinky.

just run the "combo fix" you already downloaded There's a 99.9999999% percent chance this will fix your problem. it's kinda scary, but i've used it on my own like 3 times now and never had any problems with it, and it knocked out the same kind of viruses you describe. if you're going to resort to restoring your operating system anyways, then no harm, no foul...

I understand. But really, it's ideal to reserve the repair installation as a last resort. Ewido was always the best at removing a process-injecting Trojan without crashing Windows, even before it surpassed Trojan Hunter in sheer detection rate, and TDS-3 dropped out of the race. We don't know yet whether this is what the OP has, but unless she has a rootkit (which her AV scanners likely wouldn't see at all), Ewido is a solid first choice. Be it a process-injecting Trojan or a polymorphic Trojan, this product is most likely to find and fix the problem without giving the user the runaround. I believe you when you say you've used Combo Fix without any problems, but I see a lot of cries for help from people who weren't so lucky.

Well I've spent all day on it but finally it's gone (I hope!). I scanned in safe mode and it got some but not all of the infected files. I also downloaded AVG Anti-Spyware which removed a whole load of stuff but still not the files I wanted. No matter what I did it wouldn't let me do a repair install. In desperation I ran Combo Fix and it deleted a whole load of stuff. It was pretty scary though but at least my pc survived! So after another scan I managed to delete everything that was infected. Apparently what I had was something that Trend call cryp_tap_2 some sort of worm thing I think! It looks like it's gone now anyway. I'm not sure if everything is working perfectly but it seems to be ok so far.

Thank you so much both of you for your help, I really appreciate it. I'm hopeless when it comes to stuff like this - I'm not technically minded at all.

Hopefully the thing really is gone, but there can be self-replication.
Just for security sake I would recommend rechecking the other "anti-Messenger virus" links I had posted, just in case the processes/files listed come up on task manager or in msconfig. Anything's possible with viruses.

I'll do that progamer because the last thing I want is it reappearing! Actually those forums have lots of useful information anyway for someone who is as clueless as I am about these things. I've bookmarked them all. I suppose the positive is that I've found out about a whole lot of things I never even knew existed!

Thanks again for all your help

Oops! I posted this in the wrong place: http://www.mylot.com/w/di...

Thanks for the link santuccie. I notice it's your blog so I'm going to add it again here because the link you posted didn't work (it had an extra l in blogspot!) just in case others reading this discussion want to look at it http://invincible-windows.blogspot.com/

I've bookmarked it anyway so I can look through the info on it. Also I've no doubt I'll have another disaster at some point so at least I'll know where to look next time!! Thanks again for all your help

You're very welcome. And thank you for correcting the typo. Oops!

Oh yeah, one more thing. Once you're fairly certain everything is okay, you might want to install a drive imaging program that can restore your entire operating system, even if a virus hits it so hard that it can no longer boot. The undisputed leader of this industry is Acronis True Image, and they just so happen to be having a promo right now. Register now for a free copy of True Image version 8, so you'll never have to reinstall Windows again: http://www.acronis.co.uk/mag/pcpro/ati8pe

If you have any more questions, or if you need assistance, feel free to add me as a friend.

Thanks - I'm sending you a friends request anyway.

Thanks for responding Asylum - I've finally got rid of it but it's taken days!! Never again will I click a link that comes through messenger! Not being able to do a System Restore was a big worry and then when I couldn't even reinstall XP I was REALLY panicking lol!! However, it's finally fixed and to be honest I did so much to it I'm not really sure what it was that worked in the end.

Hi Ivor - I've done that with AVG and I do usually find it really good, plus it's free of course which is even better! It was just really stupid of me to click on the darned link but I've learned my lesson now - will never do it again on msn messenger anyway. Thanks for responding

I'm glad you use AVG

I hope you had a nice Mothers Day.

Where are you I miss you?