My computer is running Windows XP. Thursday night, my sister downloaded god know's what onto my system without asking and also somehow disabled my TrendMicro AntiVirus (bonehead
) and now for the first time in my computing life I have an infected system. She tried to fix the problem before I found out and I think has made it worse. She has downloaded and installed HijackThis, AVG Anti-Spyware, Malwarebytes Anti-Malware, ATF Cleaner, and Spybot Search and Destroy in attempts to clean the trojans off, and has deleted many files that have shown up in the sweeps. She also tried to run Panda online but says that the process shuts down before completing. When I found out today, the first thing I did was disconnect the computer from the internet to hopefully prevent more infections. Unfortunately she can't remember everything she deleted so hopefully nothing important. She did tell me that every time she ran a sweep it was picking up different programs so it might be that the trojan kept changing and installing more malware? I'm not sure how that works, obviously I'm not technically inclined.
I am on a friend's laptop hoping to find a solution.
The symptoms I have noticed are:
multiple pop-ups and pop-unders and freezing IE Windows. I haven't tried Firefox yet to see what happens there.
error messages, such as: "out of memory" and Spybot Search and Destroy since installed gives multiple "failed to load" messages, mutiple Microsoft Visual C++ errors, "Debug Assertion Failed dbgheap.c," and "invalid floating point operation."
Whatever she deleted or whatever trojans I have seem to have erased all system restore points except and infected one.
How can I tell what's infecting me and how to remove it? I don't even know where to begin to fix it. Any help would be appreciated.
Edited to add- I thought I might should also give the information that my system has two different user accounts. One password protected, which is the account that was infected and the other a general Administrator account.
Edited by NorthbyNorthwest, 19 April 2008 - 07:29 PM.