The first step would be to boot in safe mode and run a full scan.

You could also try using Trend Micro's free online scanner.

I have AVG on my computer and it was updated this morning...so I'll do the scan in safe mode, however I get a 'fail to connect' message when I try to go to any antivirus sites, even the link you provided. I thought maybe I could outsmart it and downloaded Avast from downloads.com. I was able to download it, but when I tried to run the set up I get a self extract error.

Thanks, Andrea

Try rebooting in safe mode and running the AV software, then try rebooting in safe mode with network support and running the trend micro scan. If you're being blocked from AV sites, you're probably infected. It could be that this virus is newer than the latest definition files you have for AVG, in which case, it won't fix the problem in safe mode (but safe mode with network support might work).

that sounds like it could be one of the bad ones possibly vundo, let me suggest you go here and post in this area, ask Corrine for help tell her I sent you, she will assist you with this using some special programs. Be sure to say in your post that you are unable to get a hijack this log or run AV programs including online scans.
HijackThis Logs

I'll do that Raven, thank you so much. I'll let you know how it goes.

Andrea

wow Andrea I knew it was a bad one, even worse than I thought, but you are doing very well following the directions. The team will get you fixed up. The tdssserv rootkit is one really nasty infection.
But rest assured you are in the hands of the very best teams on the internet, it takes time and many are in different time zones so keep that in mind.

You will be good to go soon! Good work so far! I am proud of your effort!

Well Raven, I just got a CLEAN BILL OF HEALTH !!!!!!!!!

Corinne and the team really know their stuff...I was just doing my best to do as I was told. LOL My head didn't even explode...although it WAS close a time or two, and no one was allowed to talk to me for 2 days.

I really can't thank you guys enough...I've bookmarked that forum and plan to visit the lounge to associate some words.

Thanks again and again,
Andrea

Thanks for letting us know you were able to get it fixed and also for letting us know that it was the visit to the site suggested that got you fixed.

You are very welcome Andrea, yes it is one of the best on the web for getting the top notch pros to work with you, it can get intimidating when having to go through so many logs and programs but when you get to the right place and the right team it makes all the difference in the world.
Please do come on back and visit us sometime, we do play too not just work LOL

You really surprised us when we saw the logs and realized it was a rootkit, there was some serious scrambling behind the scenes LOL

Take care and definitely do run those programs that were given on a weekly basis for a while.

were you able to get rid of all the toolbars or do you need help to do that using HJT? If you find you do just go on back and start a new post for that.

Hi,
Just curious in cas I ever did to do this, how does one do a Hijack This Log file? Thank you. Oh, I have XP Home Ed..
Sapphires

sapphires when you are sent to one of the pro help forums they all have very specific directions and instructions for you on how to install and set up and post hijackthis logs. But this is a program that is not for casual personal use it must be used by the pros who read the logs, they have special training to do that. So you really don't want to worry with that till you really have to. It is one of many of the diagnostics programs that they will tell you to run to be able to see what is on your pc and what should not be on your pc.
For example on the link I provided to Andrea at the top of that area are posted sticky threads that must be followed on how to do a submission and how to do logs etc.

Thanks ravencajun, I was just curious and hopefully will never need that.

Sapphires

RC, How do you feel about free software to detect rootkits? For example Root Repeal.

Nice site glad you shared it.

Here is a link that might be useful: Root Repeal

have not used it. In general we use
GMER
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer

will take a look at it though.

Combofix it one of the most impressive tools around, the folks that created mbam and combofix are awesome.

tumblenweed we are reviewing that product
Rootrepeal ARK tool Version 1.1.0 on one of the forums I am on per request of it's author, so should have some info on it soon. It does look good so far.

Ok.

Thought I'd share this thread with you from the DSLReports forum.

Here is a link that might be useful: DSLReports

thanks Yep I had seen that thread too, it is pretty young in dev so a lot of the pro teams are doing some intense eval on it and submitting the info to AD. I had seen it caused some crashes and a few false positives but I think once it is a bit more mature and not in beta it will be a good tool. One to keep a watch on.

GOOD to know. Thanks for your time.

my computer will not allow me to access any programs or files. some message keeps popping up telling me i need to download this to get rid of the virus and spyware, and when i press ctrl+alt+del, some message pops up telling me some crazy crap, like this person is a internet terrorist
please help!!

Aintnosunshine the first thing you should do is start a new thread rather than find a 6 month old one as this only causes confusion.

When you start the new thread please include the computer make and model, all names of firewall, anti virus and anti malware programs you are running and when they were last updated and a full test ran.

"Some message pops up" up is useless, write the message down and post that too, it might be the biggest help of all. Help can only be as good as the input provided by the person needing the help. Help us to help you.

please follow the link I provided above to the forum that will help you with that infection, that is one you will need assistance with. It is always best to create your own new post. Go to LzD and register and start a thread there telling them exactly what is happening, the team will assist you.

I have the same virus can anyone help me like you helped the other guy I am only 13 and my mom doesn't know I have a virus... I really really need help, I do have school and I would really appreciate it if any could help me oh ya I can't open anything and I don't get internet connection when in safe mode.

Can anyone help?