XP Internet Security 2012 Trojan virus

My home PC has recently contracted the XP Internet Security 2012 Trojan virus. I have run an Avast full system scan and a start up scan. Neither have detected this virus. Short of taking my computer in for repairs, does anyone have any ideas? ???

The virus has rendered my home PC unable to connect to the internet. :-[

Help please!

Try this guide, and read it all before you start
http://deletemalware.blogspot.com/2011/06/remove-xp-antispyware-2012-xp-internet.html

if no success report back and Essexboy will remove it for you…

Who is Essexboy? I am concerned that since I can’t copy and paste to my home PC (no internet access due to the virus and not networked with this laptop) I am going to screw something up and make things worse. I am only partially computer literate.

Essexboy is the malware remover expert…

I send him a PM…

Thank you! This is so frustrating. I’ve used Avast for 8 years without fail… and now… :-[

Hi there lets get to work - is your start menu blank ?
The first programme will disable the malware, not kill it (yet) if you should need to reboot then just run it again.
All programmes are small enough to be transfered to the sick computer by flash drive

DownloadRogueKiller to your desktop

[*]Quit all running programs
[*]For Vista/Seven, right click → run as administrator, for XP simply run RogueKiller.exe
[*]When prompted, type 1 and validate
[]The RKreport.txt shall be generated next to the executable.
[
]If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next Reply.

THEN

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTS to your Desktop

[*]Close ALL OTHER PROGRAMS.
[*]Double-click on OTS.exe to start the program.
[*]Check the box that says Scan All Users
[*]Under Additional Scans check the following:
Reg - Disabled MS Config Items
Reg - Drivers32
Reg - NetSvcs
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check

[*]Now click the Run Scan button on the toolbar.
[*]Let it run unhindered until it finishes.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

I am going to make you crazy before this is all done, but… I only speak/read english and some spanish. I am not sure where I need to click on the Roguekiller website to download, and what is the cost?

never mind, I figured out the download ( I think) but even after changing the name and trying near 30 times to run or open it… it is blocked by XP Security

No problem, the programme is free and this will apply to any programme I ask you to run. Click on the link as shown on the screen capture

OK we will not be beaten

Note: If using Firefox right-click on any download links and choose Save As

Please download OTH to your desktop
Please download OTS to your desktop

Double click the OTH file to run it and click Kill All Processes, your desktop will go blank.

http://oldtimer.geekstogo.com/OTH/OTH_Main.gif

Then run OTS as requested previously

We need a chat option :wink:

I got it open, when I started it the notepad came up and says “Cannot find the \RKreport[1].txt file. Do you want to create a new file?”

Do I?

So RK has now run with option 1 - If so then start and run OTS please

It is scanning.(OTS)

Do I want to do anything on the notepad where it asks if I want to create a new file?

No OTS will give me the data I need

Well… the scan finished, but everything is gone from my desktop - I recopied the Roguekiller file from my flash drive but it won’t open it. Saying “The application failed to initialize properly”.

What did I do wrong ???

Did OTS create a log file ?

If not then can you burn a CD and we will work outside of windows

Please print these instruction out so that you know what you are doing

Latest version: v3.1.47.1

OTLPENet.exe
MD5=79209302A1AFB2490808DB890A815CED
Size: 127,222,215b / 121.3MB

[*]Download the attached scan.txt to a USB drive
[*]Download OTLPENet.exe to your desktop
[*]Ensure that you have a blank CD in the drive
[*]Double click OTLPENet.exe and this will then open imgburn to burn the file to CD

[*]Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
[*]As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :slight_smile:

[*]Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
[*]Double-click on the OTLPE icon.
[*]Select the Windows folder of the infected drive if it asks for a location
[*]When asked “Do you wish to load the remote registry”, select Yes
[*]When asked “Do you wish to load remote user profile(s) for scanning”, select Yes
[*]Ensure the box “Automatically Load All Remaining Users” is checked and press OK
[*]OTL should now start.
[*]Double click the Custom scans and fixes box
[*]In the dialogue locate the scan.txt you have on the USB
[*]Press Run Scan to start the scan.
[*]When finished, the file will be saved in drive C:\OTL.txt
[*]Copy this file to your USB drive if you do not have internet connection on this system.
[*]Right click the file and select send to : select the USB drive.
[*]Confirm that it has copied to the USB drive by selecting it
[*]You can backup any files that you wish from this OS
[*]Please post the contents of the C:\OTL.txt file in your reply.

I don’t see a log. I’ll have to follow your directions - hopefully I can understand this.

I will be here for a little longer

It is a very easy programme to run albeit a bit slow as it is a PE windows

I hope it is easy, because you are dealing with someone who knows just enough to be dangerous. I will work on this a few minutes longer and then need to go pick up a kid and start some dinner. Hopefully I don’t really mess something up.