question should he just reboot and try to uninstall last program installed???

or will the virus continue to spread onto harddrive?

Disable Messenger Service. This service is used by disreputable people to scam people into thinking that their stuff is legit. If you kill this on all of your computers, then you should see a lot less spam and this type of thing shouldn't happen again.

http://www.microsoft.com/windowsxp/using/security/learnmore/stopspam.mspx

I don't know if I can get control of it long enough to download the software you've listed. I'll give it a shot. It has already erased all my cookies and messed up the settings on my brower.

The computer is shut off now. I'll try to boot it back up without the Internet and see what it does.

It would be nice to save it, but no real big deal if I can't.

why not download onto a disc instead of going online?

I have no idea, I don't know what he has. If he uninstalls whatever supposed anti-spyware they con'd him into installing and then runs those three programs, it's very likely that the issue will be cleared up. That particular virus he has is pretty old, so I don't think that they were trying to hurt his computer, just scare him.

would you recommend going online and downloading on downloading onto a disc? you're very knowledgeable good thing you're here

avg 8.0 also has spyware

7.5 is soon to be abandoned by grissoft

might want to upgrade if you have not yet

Buy a FlashDrive, they are about $20 at RadioShack. The newer versions will allow you to install applications directly onto them. Download those three applications and install them to the FlashDrive, from the non-infected computer. Then boot up the infected computer (disconnected from the internet) and run the programs against your computer. Then you can keep the flashdrive up to date and use it on all of your computers when they have any trouble.

I just tried to boot the comptuer back up. It has radically changed the desktop. And it's doing things automatically, running programs and trying to connect to the internet (which it can't to because I pulled the phone line)

And I have no control at all. The mouse and keyboard have no affect at all. All kinds of crazy things are happening on the screen and the disk drive is running continually.

I just shut it back off again.

I'll boot up from a CD ROM and just do a reformat and system restore. That's about all I can do at this point.

spider, as his computer is networked, can this be done via remote access?

Your computer has been turned into a "zombie", where someone else has taken remote control of your rig. It's more than likely trying to send any and all of your personal information to said hacker, too.

I wouldn't be surprised if there was some "ransom-ware" present, too- that's where they essentially lock yourself from your own computer until you pay them whatever amount of money they're holding your computer ransom for. They're usually in the form of offers for anti-virus programs or some other seemingly legit software.

Your only route would be to wipe your hard drive clean and start all over again. You CAN try to get it cleaned up using an anti-virus/anti-spyware program, but it'd be a long, laborious process, that might not get you any favorable results. In the end, you'd probably save time by just formating/FDISKing your drive.

I just hope you've got all your important stuff backed up, as well as virus/spyware free.

ALSO-

Don't start clicking on unsolicited offers, e-mail attachments, or websites that not be legit, as that's a sure-fire way to get hosed by some hacker's crap.

Don't start clicking on unsolicited offers, e-mail attachments, or websites that not be legit, as that's a sure-fire way to get hosed by some hacker's crap.

Thank's moofoo,

I don't even open emails from people I don't know. This sucker snuck in pretending to be Windows UPDATE! I didn't click on anything. Other than the balloon that popped up from the taskbar that looked like a legit message from the Windows OS. I didn't tell it to download anything. But I did know that the computer was downloading something. I should have shut it down right then and there. But I didn't and it's too late now.

I'll have to reformat and reinstall now. Unless there's some other way I can boot up from a anti-virus CD disk that can regain control of the C: Drive? That's about all I would know to do.

Obviously this thing is booting right up into the viruse software right now. I'd have to boot from a CD to regain any control at all.

Probably just reformat and reinstall is the best thing to do at this point.

If you did not click on anything, you are probably a victim of a "drive by" trojan download. all you have to do is go to an infected wbsite without sufficient antivirus/spyware protection and they gotcha.

Thank Spider, that’s the very FIRST thing I’ll do after I reinstall.

Sounds similar to the virus I got and in the same way. I used a disc to install SpyBot search and destroy and it cleaned some of it up but it kept coming back evertime I re started. I was successful with StopZilla - free if you find the right one.

I was actually building a web page when this happened. I was using Google to search for and download images. One of the images I tried to download set off a chain reaction and opened about 4 browswer windows. I quickly closed all those windows, including the original graphic. I decided to go somewhere else for a graphic.

But it may have been too late. I think that might have been what triggered it. It happened shorty after that.

I've been downloading images without a problem for years. And I didn't even download this particular image. But something was really weird about the site it was on. That's when I should have shut down and rebooted right at the first sign of weirdness.

It's a scam. Most likely the software telling you you're infected IS the "infection".

Spybot Search and Destroy and Grisoft AVG anti-virus personal should clear you up.

Where I’m at,…

I’ve made some progress.

I started the computer up on Safe Mode and I was able to find a ton of system files and *.dlls that had be modified with today’s date. I deleted all those files but two.

The two I haven’t yet deleted I can’t delete because they are running and the system won’t let me delete them.

They are,….

hgggdbx.dll

and

jfiehayd.dll

I’m sure these are related to the virus. Or at the very least have been updated by the virus.

How do I kill these files? Or stop them from being launched the next time I boot up???

You should be able to Google some free programs that will unlock and kill any offending DLLs that might still be resident in your computer. There was one in particular called "File Killer" or something to that extent that did a decent job of doing just that.

You might be able to terminate their processes by using 'msconfig' in the "Run" command line in your Start Menu (you can also call it up by Ctrl+Alt+Del'ing once... note that I said ONCE)- check out the "processes" tab and look for any of those problem DLLs. Also check your start up files to make sure they're not there, either- if they are, you can uncheck them to make sure they don't start with Windows.