I didn't download the trojan on purpose; I'm really careful when it comes to which sites i visit and what i download...
I knew immediately that it was a virus because i remembered hearing about it awhile back. It told me my computer was infected, pretended to run a scan of my hard disk and then listed some fake viruses that it accused me of having. It then brought up a fake window that looks like the one that tells you whether you have a firewall and antivirus running. The window claimed that i was infected with spy-ware.
The thing then kept trying to connect to The Internet using Internet Explorer (which isn't my default browser) and tried to get me to pay for it to remove the fake virusses from my computer.
I disconnected my computer from The Internet and tried to run my real antivirus software (AVG Free 9.0, regularly updated) but the fake on wouldn't let me, i just kept getting messages saying that the registry entry for any application i tried to run was missing.
The virus kept trying to get me to purchase it by telling me over and over again that i was infected and brought up the same message as soon as i would close it. After i had tried to close it many times, it started bringing up loads of Alert Icons in the toolbar, it created hundreds of them and did so so quickly i couldn't close them down fast enough.
After rebooting my computer several times i had the same problems but noticed that if i opened an application as soon as the desktop appeared, the virus wouldn't stop me (if i waited a few more seconds it would do). First i tried running my antivirus and doing a scan, but the virus was creating so many taskbar icons it slowed my computer down to the point that the scan would stop. Also, the window i was running a scan in would be permanently situated behind the viruses messages.
I was forced to do a system restore and this seems to have got rid of the damn thing.
Whavg free antivirus software download for windows xpat i am wondering is: How did the virus install itself without me downloading it and executing it?
Also,: how could i have dealt with it without using System Restore?
I'm using Windows XP Home SP3, AVG Free Antivirus: allways running, updated 2 days before i got the virus
Thanks for reading my long explanation, and thanks in advance for any help you can give.
download Malwarebytes and SuperantiSpyware both are free and very effective, once downloaded install and update both then run quick scans with each, remove anything they find and restart.
Finally install Avast Anti-Virus which is free and run a boot-time scan, it will remove viruses before they have a chance to start and thoroughly disinfect your computer.
You could download the 3 programs below from the computer you are on and take them to your computer then install them that way.
Keep Avast Anti-Virus installed to prevent you getting another virus in the future.
Avast Anti Virus:
SuperantiSpyware:
Malwarebytes:
This is standard for a fake antivirus tool. It will prevent you from running any installed antivirus package.
Download Malwarebytes antimalware from
It works more often than not.
Use combofix from bleepingcomputer.com, then download malwarbytes(you may need to rename the installer/setup to something like winlogon.exe to be able to run or install it) from malwarebytes.com or softpedia.com, then clean the rest of the virus with superantispyware and Hitman Pro 3.5 from softpedia.com/cnet.com and just in case you do have a rootkit on your system use GMER from majorgeek.com(Use gmer to scan and anything in red delete.)
Future Protection use this wizard to recommend security protection for your system:
or go to safe mode and then do the above:
To get into Safe Mode with Networking:
1. Log out and reboot your machine.
2. When the machine starts the reboot sequence, press the F8 avg free antivirus software download for windows xpkey repeatedly.
3. Select Safe Mode with Networking from the resulting menu.
Note: Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware.
Or Manually:
Terminating the process:
1.I verify that a Rogue is present. This isn't hard, since it's usually popping up just about every few seconds.
2.Click CTRL-ALT-DELETE (if it's available)
3.Click Task Manager
4.Click Processes
5.Find a process that usually contain all numbers. For example 2342342.exe. If you do not see all numbers then your rogue has a name like...SystemSecurityPro.exe or GreenAV.exe...etc.
6.Select that process and click end process.
7.At this point the rogue process has been terminated.
Removing Rogue Anti-virus that is named with random numbers.
or If you can't open task manager then use Rkill from
1.Click Start
2.Click Run (or for Vista/Win7 type in the start search box)
3.For windows xp type: C:\documents and settings\all users\Application Data and click OK. A window will open containing a folder with about 8 numbers. Your Rogue is in there. Delete that folder.
4.For Windows Vista/Win7 type C:\users\all users in the "start search" box and click enter. Your randomly named folder with about 8 digits should be in there. Delete it.
Removing Rogue Anti-Virus that has a name like System Guard Pro, AV2010, etc
1.Open Windows Explorer.
2.Open your C:\ drive.
3.Open Program Files
4.Find the Rogue and Delete the folder.
If not seek an expert. Good Luck!
Get a good AV program. Check out this review and pick one of them.
As you can see the free AV did not help you when you needed it. You many have brought this into your system entirely through stealth. You need protection that is always on and always watching.
No comments:
Post a Comment