Okay. It was my fault. I saw that a file required a codec and I knew it was B.S. but like all good magic tricks the hand was quicker than the eye. I set the ball rolling with my fast fat fingers. I went to cancel it, but of course it was too late. My Spyware program (Spyware Doctor) caught it and got rid of it but what was already installed was already installed. But I never have seen one quite this bad before.
First, I have the "Your computer is full of Spyware and Viruses. If you do not download OUR software RIGHT NOW all will be lost and half the world population including your cat and your dog will DIE." Obviously I have seen this scam a LOT. This one has actually gone far enough to put a large "VIRUS ALERT" in my toolbar and replace some of my desktop icons with icons for the software it intends you to buy. Quite brash.
Second, I am now getting the "Your computer has failed Genuine Windows Validation". I have seen this scam many times too and I know damn well my copy of XP meets Genuine Validation requirements. Anybody with eyes can see that the "Click this link for more info" link doesn't even take you to Microsoft's website but the website of the scammers.
At this point Spyware Doctor thinks it has removed all of the offending software (and for all I know it has removed all it can) but I am still stuck with this tumor on my machine. I am afraid to do too much with the computer since I obviously have no idea what it may be collecting and sending where. (I am using my backup machine to write this post.)
Normally at this point I would just go back and restore to one of my backup points a few days before the incident. That has saved my bacon a couple of times in the past. But of course that would be too easy nowadays and when I try to do that it shows I have no backup points. I can only assume that they are either being blocked or have been erased by this annoying piece of evil now residing in my machine.
What to do? Good Lord I do not want to do a wipe and install. The sheer volume of files I will need to replace is insane on a daily working computer. Yes, I have many backed up but still, many of you know the pain of starting fresh and know it is such a wonderful thing to avoid if it can be helped.
Does anybody know of a way to maybe get to my backup points from a DOS prompt or some other way to get to them before Windows (and the malware) actually loads? Detailed instructions would be vital in that case. Does anybody know where and what to look for to see if I can actually find the raw date restore file and force it into place without using Windows default date restore program?
Is this something I should pay Microsoft tech support to help me with? If at all possible I do not want to purchase 18 different anti-spyware programs just because 18 people have a favorite they just "know" will solve the problem. I was almost tempted to purchase their software to let it do its B.S. thing and then see if I could restore back to before the incident and thus get rid of it, but obviously it is stupid to give ANY financial information to obvious criminals. Duh.
Sooooo... anybody have this happen to them before on such a grand scale? What did YOU do?
I know of a highly-respected malware-removal specialist who goes by the name of MrCharlie. HERE is a link to one of his posts. This guy has helped a lot of people rid their computers of some really nasty malware! I wish you the best of luck, MrBang.
MrBang meets MrCharlie!...lol[:D]
If you were running Windows Vista the rollback would be very simple...
However... try using the program Super AntiSpyware. It can be downloaded at superantispyware.com and it's a free product. I have used it many times to rid computers of this exact type of virus. If you can, download it on a different computer to external media such as a USB device, then install it on the infected computer with your computer not connected to the internet. Once installed, reboot the computer to 'safe mode with networking' and plug your internet cable back in so that the program can update in safe mode. Now run a 'complete' scan using the software and allow it to reboot after the scan is complete. Hope that helps, it's worked very well for all others in the past.
I agree with the use of SuperAntiSpyware! Between that and Spyware Dr., you "should" be able to rid yourself of the offending bug. AND always be sure your spyware and virus programs are up to date; that is critical in this day and age.
Good luck to you!