xp antivirus virus

[ohjack46]

I got the xp antivirus virus on my Dell Inspiron. lancelhof.com has a
procedure but it begins w/ a dll file that my laptop can't register because
it can't find the entry point. I heard of someone else who solved the virus
problem by doing a restore, tho I can't get any details of what that
entailed. The documentation on my Inspiron just has a card that says I can
get the info I need to restore by double clicking on the Owners;s manual on
the desktop. However, I can't even get Windows to open in other than safe
mode so I don't see the desktop.
Anyone have any ideas about what to do next?

 

[Leonard Grey]

Is comprehensive anti-malware software installed on the computer? If so,
boot to Safe Mode With Networking, update your definitions and run a
full scan.

If not, or if your computer won't even start in Safe Mode, it's time to
show your computer to a professional or erase your hard disk and
reinstall all your software.

Comprehensive anti-malware software looks for all types of malicious
software.

 

[nass]

I got the xp antivirus virus on my Dell Inspiron. lancelhof.com has a
procedure but it begins w/ a dll file that my laptop can't register because
it can't find the entry point. I heard of someone else who solved the virus
problem by doing a restore, tho I can't get any details of what that
entailed. The documentation on my Inspiron just has a card that says I can
get the info I need to restore by double clicking on the Owners;s manual on
the desktop. However, I can't even get Windows to open in other than safe
mode so I don't see the desktop.
Anyone have any ideas about what to do next?

If you can log into safe mode then try the system restore from there by
doing this:
Click Start >> All Programs >> Accessories >> System Tools >> System
restore. On the Calender select a date where a restore point created and
restore.
See if that will help to log you into Normal Mode and perform the cleaning
steps below.
XP Antivirus Removal Instructions:
http://www.bleepingcomputer.com/malware-removal/remove-xp-antivirus-2008-2009

1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
http://www.malwarebytes.org/rr-update/rr-free-setup.exe
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
http://onecare.live.com/standard/en-gb/default.htm

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

Run disk clean up on your Drive.
You can download this tool o run clean up:
http://www.ccleaner.com/download/builds/downloading-slim
If you need further help you can send the log or subscripe (free) to one of
many forums whom specialized in Hijackthis Analysis.
Download Hijackthis and send me the log.
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
Send me copy to my address is : to_you_ross(at remove this and repalce with
the obvious)yahoo.co.uk

( _ is underscore)
HTH
nass

 

[Mick Murphy]

The 2 programs, Spybot Search & Destroy and Malwarebytes, should fix your
problem, if you download them, install and update them; then run them in Safe
Mode.
All info below.

http://www.spybot.info/en/index.html

Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program.
Download, install, update, and immunize your System with it.
Then SCAN with it.
Update it, and scan your System once a fortnight.

http://www.malwarebytes.org/mbam.php

Malwarebytes is as the name says, a Malware Remover!
For the Free version scroll down their page to either download from
Download.com, or Major Geeks.com

Download, install, and update.

Important re: Safe Mode
If you happen to find a problem that you can’t uninstall / delete, reboot
the computer, and go into Safe Mode.
To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow
key to get to Safe Mode from list of options, then hit ENTER.
RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D
while in Safe Mode.

 

[Mick Murphy]

Also, make that Safe Mode with Networking, as you say you can't get in to
your desktop normally.

 

[Kayman]

I got the xp antivirus virus on my Dell Inspiron. lancelhof.com has a
procedure but it begins w/ a dll file that my laptop can't register because
it can't find the entry point. I heard of someone else who solved the virus
problem by doing a restore, tho I can't get any details of what that
entailed. The documentation on my Inspiron just has a card that says I can
get the info I need to restore by double clicking on the Owners;s manual on
the desktop. However, I can't even get Windows to open in other than safe
mode so I don't see the desktop.
Anyone have any ideas about what to do next?

Educational reading:
"The only way to clean a compromised system is to flatten and rebuild."
http://technet.microsoft.com/en-au/library/cc512587.aspx

Too complicated? Not possible at this stage? No help available?

Try this:
Download/execute:
David H. Lipman's MULTI_AV Tool
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/
Additional Instructions:
http://pcdid.com/Multi_AV.htm
--and/or--
Kaspersky's AVPTool
http://downloads5.kaspersky-labs.com/devbuilds/AVPTool/
--or--
http://ftp.kaspersky.com/devbuilds/AVPTool/
There's no updating involved since the scanning engine is updated
several times a day and you simply download the updated scanner whenever
you want to do a scan.
--and/or--
Dr.Web CureIt!® Utility - FREE
http://www.freedrweb.com/cureit/
--and/or--
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

If after scanning and 'successful' removal of malware the system is
considered 'clean', do this:

Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
Please, do not post HJT logs to this newsgroup.
Fora where you can get expert advice for HiJack This! (HJT) logs.

NOTE: Registration is required in any of the below fora before posting
a HJT log and read the 'stickies' (instructions/guidelines) for
the respective HJT forum.

http://www.theeldergeek.com/forum/index.php?s=2e9ea4e19d3289dd877ab75a8220bff6&showforum=29
http://forums.whatthetech.com/HijackThis_Logs_and_Infections_Removal_f27.html
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.bleepingcomputer.com/forums/forum22.html
http://www.spywarewarrior.com/viewforum.php?f=5
http://www.thespykiller.co.uk/index.php?board=3.0
http://castlecops.com/forum67.html

To flush your System Restore after doing these cleaning steps.
Do this:
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and *check* the box
'Turn off System Restore on all drives'.

Click [Apply] then click [OK]

Try to access some programs on your machine then do the stepes again:
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and *uncheck* the box
'Turn off System Restore on all drives'.

Note: ensure that under 'Available drives' the Status of Drive does show
'Monitoring'.

And then manually create a Restore point.
Go to:
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx
And scroll down to: Create a Restore Point.
Done!

Good luck