[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3261
  • Last Modified:

windows xp product id replaced with virus alert!

A virus has infected a computer and replace the windows xp home product id with the phrase VIRUS ALERT!, it also added the same tag to the date time stamp so that the date time stamp shows the date, time and VIRUS ALERT! at the end of every file on the system.
0
stevegingell
Asked:
stevegingell
  • 3
  • 3
  • 2
  • +1
1 Solution
 
peetmCommented:
Have you got rid of/identified the virus at this stage?
0
 
IndiGenusCommented:
It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Click on "Do a system scan and save a log file" button. Post the text from the log file. Do not have HJT fix anything at this point.

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log.
0
 
jcimarronCommented:
stevegingell--But before running HiJackThis, run the antivirus and antispyware programs on your PC (using up to date reference definition files) and delete what they suggest.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
stevegingellAuthor Commented:
In response to peetm's question.  As far as I know I've successfully removed any and all virus' from the system and belive this to be the damage left from the infection.
For IndiGenus I've included the hijack file.
hijackthis.log
0
 
peetmCommented:
Ok, so now search the registry - Start | Run | Regedit - then, in Regedit, Edit | Find  VIRUS ALERT!
0
 
IndiGenusCommented:
Yes, HJT looks clean. How to fix this is explained really well here in miekiemoes blog (she is very highly respected in the anti-malware forums).

http://miekiemoes.blogspot.com/2008/05/virus-alert-in-clock-and-how-to-restore.html
0
 
stevegingellAuthor Commented:
IndiGenus had the right repair from miekiemoes web site.  Thanks, 500 point to you.
0
 
IndiGenusCommented:
Glad it worked out. That's not the first time miekiemoes has had my back, she knows her stuff and always seems to be one step ahead of the game. Perhaps because she spends so much of her time on the front lines fighting Malware.

Regards,
Dave
0
 
stevegingellAuthor Commented:
Thanks again for your help.  I didn't mean to leave everyone hanging.  I thought I had accepted the answer.  I didn't know about the need to click on the accepted solution link.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now