Horrible Virus on XP

[jllipke]

A friend of mine was doing those stupid PTC sites and ended up with some Trojans some Worms and other, but minor things. We cannot find any of his files.

We hear that Windows takes " photographs " as if you want to call it that saves your things from previous days and that you can go into the system and bring them back. But we went and checked it out and we couldn't bring anything back. ( we found it but it wouldn't do anything after that)

We also tried downloading some new antivirus software ( avira free - Version ) but after downloading, we couldn't find anything

We also don't plan on going to a Computer store to get it fixed because that costs quite a bit of $$$

His Laptop is running on Windows XP Professional
I'm not sure about any other information about his Computer

Can Anyone Help???

Thank you

 

[voyagerfan99]

This thread will get you started.

http://www.computerforum.com/131398-important-please-read-before-posting.html

 

[johnb35]

You will need to run unhide.exe to make your files reappear.

Then follow voyagers post or just do this to make it easier for you.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log

 

[jllipke]

So I have to download some special software that I can't see

How will I be able to Run it?

 

[johnb35]

Somehow my linked got screwed up. I have fixed it. You download the file I linked to and run it, this will unhide all your files. You will be able to see anything new that you download. Download it to your desktop.

 

[jllipke]

thanks

I will tell you how it goes in a couple of days when I see my friend