Windows Genuine Super Virus?

Hi!

I was at my dad’s work place and one of the computers got infected. I’m sure windows genuine is a spyware since I’ve had it before on my old computer. There was also another rogue anti virus program but I forgot what it was called.

I tried everything:

-Starting up Spybot S&D, it will just close the second I open it.
-Same goes for Malwarebytes and any other Anti-Malware Program.

I tried Combo Fix, didn’t work. No matter what, everything I try will just close the second I open it.

And I mean EVERYTHING:

-System Restore
-Administrator Tools
-Event Viewer
-Just about anything that might get rid of the virus

The computer is Windows XP, mostly used for monitoring the camera’s but sometimes the co-workers would go on myspace or something.

If you try to click a link, it redirects to a website to download a fake anti virus/ anti spyware. So I had to type in the download address manually (for spybot S&D, MBAM, etc.).

Safe boot is also blocked and will never start.

After leaving the computer on for awhile, it gets a blue screen. Or if you press “show desktop”, it will also get the blue screen.

Right now I’m posting this from my own computer since he’s not that good at explaining it, I hope someone can help because I’m deciding on whether I should just re install his entire computer.

If there is any way, any advice, please post it because I’m sure the computer has many valuable information in it. I’ve dealt with viruses before, but nothing this insane.

Please note that any program designed for removing malware will never open, I tried re-naming them but that won’t work either.

Background Info on the computer/additional details:

  • They had it for about 3 - 4 years.
  • It didn’t look like they had any sort of protection, my dad said people go there for a weekly scan.
  • McAFee popped up suddenly while I was looking through the control panel, but quickly closed by the virus.
  • Any other kind of start up besides normal mode will not work.

Thank you for reading, any additional details needed, just ask for it and I’ll try to answer the best way I can.

Try one or more of these rescue CD’s.

Download and burn the disk image on an uninfected computer. Boot the infected computer from the disk and run a virus scan (after updating virus definitions if this option is present).

Dr.Web LiveCD
Kaspersky Rescue Disk
AntiVir Rescue CD
Bitdefender Rescue CD
F-Secure Rescue CD

To try and get anti-malware programs running on the computer, follow the advice here (at your own risk- back up any important data with a rescue CD first!)

http://www.bleepingcomputer.com/forums/index.php?s=&showtopic=264757&view=findpost&p=1478433

Hey thanks, I’ll try this out when I go back. However I will probably go next week (Around November eight) so for now I’ll be accepting any other tips/fixes.

You might want to look at what I helped someone do here:

http://forum.avast.com/index.php?topic=50422.180

I helped someone do some disinfecting with a Linux LiveCD.

OH, and by the way, the funniest part about this whole thing is that there is a real, Micro$oft “Windows Genuine Advantage Notifications” program that most people in my line of work look at rather as a virus in its own right… :wink:

Cool, I’ll check it out if FreeWheelinFrank’s idea doesn’t work.

Hi again, before I go and try this, I just want to make sure I’m going to do this right.

  1. Get a blank CD
  2. Download one of those “rescue CD’s” and save to the blank CD.
  3. Put the CD into the infected computer and tap F12 (I think) and start windows with the CD? I wasn’t sure about this part.
  4. Update if option is available then run a full scan.

Please reply back ASAP, sorry that I’m asking this at the last minute.

How does it work? Dr.Web http://www.freedrweb.com/livecd/how_it_works/

It was in Russian until I selected English:
http://www.freedrweb.com/livecd/how_it_works/?lng=en

  1. Yes.
  2. No. Burn the iso image to CD. It’ll be an option in whatever disc copy/creation program you have, probably.
  3. No. Just boot from the disc.
  4. Yes.

Actually it’s the same idea: most of the rescue discs are Linux plus and anti-virus program.

Hello all, sorry I haven’t replied for awhile, but I finally had the time to go back to the store and I’m posting this from the uninfected computer downstairs.

I don’t think this computer has a disc copy/creation program so I don’t know how this is going to work. Man this is taking longer than I expected haha. But I give out a thank you for the fellow people that stuck with this slow thread, and just please hang on for a little longer if you will.

I’ll be waiting for the next reply, hopefully soon.

Hello all, me again, I decided to just use another uninfected computer.

Going to download the ISO again, just to make sure I’m clear, it should be a single file with the .iso extension at the end?

Windows media should be able to burn that right? Hopefully… :frowning: