Solved

windows xp product id replaced with virus alert!

Posted on 2008-06-18
9
3,253 Views
Last Modified: 2013-11-24
A virus has infected a computer and replace the windows xp home product id with the phrase VIRUS ALERT!, it also added the same tag to the date time stamp so that the date time stamp shows the date, time and VIRUS ALERT! at the end of every file on the system.
0
Comment
Question by:stevegingell
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 10

Expert Comment

by:peetm
ID: 21814541
Have you got rid of/identified the virus at this stage?
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 21814607
It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Click on "Do a system scan and save a log file" button. Post the text from the log file. Do not have HJT fix anything at this point.

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log.
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 21814897
stevegingell--But before running HiJackThis, run the antivirus and antispyware programs on your PC (using up to date reference definition files) and delete what they suggest.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:stevegingell
ID: 21814936
In response to peetm's question.  As far as I know I've successfully removed any and all virus' from the system and belive this to be the damage left from the infection.
For IndiGenus I've included the hijack file.
hijackthis.log
0
 
LVL 10

Expert Comment

by:peetm
ID: 21815175
Ok, so now search the registry - Start | Run | Regedit - then, in Regedit, Edit | Find  VIRUS ALERT!
0
 
LVL 20

Accepted Solution

by:
IndiGenus earned 500 total points
ID: 21815279
Yes, HJT looks clean. How to fix this is explained really well here in miekiemoes blog (she is very highly respected in the anti-malware forums).

http://miekiemoes.blogspot.com/2008/05/virus-alert-in-clock-and-how-to-restore.html
0
 

Author Comment

by:stevegingell
ID: 21817068
IndiGenus had the right repair from miekiemoes web site.  Thanks, 500 point to you.
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 21817123
Glad it worked out. That's not the first time miekiemoes has had my back, she knows her stuff and always seems to be one step ahead of the game. Perhaps because she spends so much of her time on the front lines fighting Malware.

Regards,
Dave
0
 

Author Closing Comment

by:stevegingell
ID: 31468443
Thanks again for your help.  I didn't mean to leave everyone hanging.  I thought I had accepted the answer.  I didn't know about the need to click on the accepted solution link.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
The viewer will learn how to implement Singleton Design Pattern in Java.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question