Virus or spyware?

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi

I've been asked to look at a computer. On the desktop, there is a notice saying the computer has been compromised via its IP address, and goes on to list the computers OS, IP address, specs etc. At the very bottom there is a link to purchase an anti spyware program. The notice is the actual wallpaper on the desktop. Last time I had a pc with problem, I wasn't a member of this forum, and didn't know where to go for help. So I ran antivirus and antispyware programs on it until there was nothing left to find, but couldn't get rid of the notice. I ended up formatting the computer.

This time formatting is not an option, so how do I get rid of the thing. I can put antivirus and anti spyware on the machine, but id didn't seem to work last time. Also I cannot connect the machine to the internet, so the virus and spyware definitions are only going to be as up to date as when I downloaded the programs, about a week ago.

Can anybody help?

Many Thanks

By the way, it's now running XP Home with service pack 2.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I think its spyware, I seem to remember something simillar in another thread, I'll take a look and see if I can find it.

 

Can't find the thread, but I'm sure that the fix was to run Ewido

 

Last timeI I had this problem I ran Norton, AVG and Adaware. all found various errors and removed them, but I still had the desktop message. I was told by pc-world either to go through the registery, which i don't know much about, or else to format the drive.

Will Ewido actually get rid of the message?

 

Like anything in IT, unless you try it you'll never know!

 

Funnily enough, I've just put this on another thread.
It gets rid of most stuff I've come across.
I think Harry posted it originally.

http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction

 

Yes that was me! The problem that the original poster mentions sounds like a spyaxe variant. Which would mean using the 'smitrem' tool. All mentioned on that URL.

Harry.

 

i have heard of ewido being a fix for a lot of malware but no matter how good one program is , 2 is always better.

have you tried running the AV programs in safe mode?

the registry isn't that scary a place, just have a look and if you see something you are sure is dodgy, back-up and delete.

plus try HijackThis from merijn.org, awesome wee program.

good luck mate!

 

let us know if you manage to get rid of it without nuking the machine...

 

I had the same problem , my backdrop was replaced with a sign saying my com was infected, and the usual options for my desktop were taken out so to speak, etc and even though i ran my antivirus and spyware it picked up nothing. So i went to trend micro and got the free online scan. Thankfully that got rid of the problem and i couild even put my origianl backdrop back on.

As moominboy says 2 is always better than one, ive always found that what one program doesnt pick up another will. Anymore info you need just ask