recently, I picked up some spyware which really messed up my computer. First it stopped me connecting to the internet on my desktop pc which is running windows xp home, (but my wireless connection was fine, hence I'm still using my laptop) kept trying to connect to dodgy sites, disabled my task manager, stopped me opening any progams and gave me false popups about buying virus protection (a program called antivirus soft)
Eventually I managed to start my task manager before the virus kicked in right when I started up my computer, and all my problems actually disappeared apart from the internet not working. I have found 4 spyware registrys using my virus software, which are all hiding in C:\system volume information\_restore.... *and then a whole load of numbers*. Example -
C:\system volume information\_restore{B1AF6306-70F0-4416-91D0-2A49F3B95B86}RP1618\A0363891.exe
there are 3 other variations of this. 3 are identified as FraudTool.Win32.XPSecurityCenter.P and the other as FraudTool.Win32.XPSecurityCenter.u
My virus software (Virgin Media Pc Guard) has just left it where it is.
So do I just delete the files? Do I actually need them, is the whole file the virus, or is it a genuine windows files which contains the virues and thus I need to go into it and delete parts of it?
I've read that if you turn off system restore and then do something it will fix the problem, but I'm not sure. Any help would be appreciated.
Thanks.
Edited by Towser83, 11 May 2010 - 10:21 PM.