Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware removal - Windows Antivirus Software


  • Please log in to reply
No replies to this topic

#1 dontpanic_42

dontpanic_42

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:11 PM

Posted 26 June 2011 - 09:13 AM

Hi,

I was asked to help a friend remove the "Windows Antivirus Software" from her computer. The virus was downloaded as part of a photo contest form. Not only did they infect her computer, they charged her for the entry fee. (She's 84 years old and is pretty sure that her cat is the cutest in the world - so why not enter a contest ;). argh.

I was not able to get a screen shot of the virus (I have a pic of the cat if you want it), but I'll try to describe it.

Right after boot up, there is what looks like a splash screen that says "Windows Antivirus Software" (white background, green lettering) and has some technical-looking statistics on it about the number of viruses that your computer is effected with. The entire background behind the splash screen is a light blue. In front of this splash screen is a pop up that tells the user to "Click OK" in order to scan for viruses. The only interaction that the user can do is click "ok". Closing the window will not work, Ctrl+Alt+Del is ineffective.

As usual with these viruses, I tried to put it in safe mode to remove. The same splash screen shows up in safe mode which is why I decided to post here.

Here is how I removed it:
Activate Safe mode with command prompt. (Even in this mode, the desktop had that same light blue color that showed up with the virus - but at least the splash screen was gone)
Run system restore from the command prompt <Start Restore> (requires system administrator)
Proceed with system restore to a known-good time.
Run a virus or malware checker of your choice to double check (I ran two and found no additional viruses or malware)

The computer is an older Dell running Windows XP

If anybody else has seen this virus and has other ways of dealing with it I'd appreciate hearing about it.

Thank you

D

Edited by dontpanic_42, 26 June 2011 - 09:30 AM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users