I have windows xp and have been infected with this horrible virus which gives me hundreds of error messages and has made me lose everything in my start menu, desktop etc. I cannot do anything.
I have the current version of McAfee and I had the pop up from McAfee to say it was quarantined but obviously it wasn't. I've scanned and it continues to quarantine them, but does not actually find them. I've run the McAfee stinger but this has not solved the problem. My first question was how did this get past McAfee if it quarantined it in the first instance. Also as well as the fakealert virus I seem to have Artemis as well now. The fakealert seems to continue to reinfect - McAfee must have quarantined it 7 times which I then delete.
Please can anyone help me clear this from my pc. I am not techincal and need basic instructions.
ThanksMessage was edited by: gardener on 31/10/11 04:20:46 CDT
Moved this to Top Threats so the experts can help you.
Unfortunately not all malware is caught by antivirus applications, no matter what brand.
When you say you used Stinger did you use the Fake Alert one?
Meanwhile someone will come along soon to help you I hope.
One quick way of defeating these things is to use System Restore to go back to before it all started. Don't forget to update McAfee afterwards though.Message was edited by: Ex_Brit on 31/10/11 5:39:34 EDT AM
Thanks for your reply. I just used the general stinger which in its list of viruses had fakealert. I couldn't even access the internet at first, but the only programme I have left showing on my pc was a photostorage application which managed to take me to the web and my first searches and advice took me to stinger. I then later saw there was a stinger for fake alert, so is this better than stinger?
The Fake Alert Stinger is constantly being updated with these new fake alert threats so is the better one to use in this instance. I know it's a bit confusing having two Stingers.
There are some free 3rd party tools too that you could try such as Malwarebytes Free, see lower down on this page: https://community.mcafee.com/docs/DOC-2168
If you ever have a problem getting internet access try 'Safe Mode with Networking' reached by tapping F8 repeatedly while booting up and it's second on the ensuing menu.
Some applications can be downloaded, updated and run in that mode and Malwarebytes is one of them.
Meanwhile I see that someone else moved this yet again to Security Awareness and as that is a general section, haved moved finally to Home User Assistance. Hopefully that will be OK.
I just posted a reply but not sure if it worked. I am currently into hour 3 of stinger fake alert running in safe mode so not sure if it fixed the problem yet but a couple of points:
1) Whilst in safe mode I still do not have access to any programmes or applications in the start up, nor do I have a desktop
2) As I cannot access explorer I could not change the name of the stinger file from .exe so I hope it still works ok (It found and deleted 2 of the trojans so far).
3) I did not have the option fix to scan on the preferences, the options I got were slightly different to those on the instructions I managed to access,
so here's hoping.
Will update once I know what has worked.Message was edited by: gardener on 31/10/11 16:07:38 CDT
In any of the Safe Modes, most software wont operate the same way as in regular mode but you would normally see your desktop albeit at a very reduced resolution. Let me know how it goes. Posting on an independent forum such as BleepingComputer might be useful too.
The scan has finished and found and deleted 5 fake alert trojans. I've now re-booted and still have lost my desktop applications except internet and outloook and lost all programmes from the start menu. What can I do now please? I am also getting an API error.
If the following doesn't work then I think the best option would be to format and reinstall Windows from scratch.
1. Boot the system and start tapping the F8 key as BIOS information goes by.
At the Windows Advanced Options Menu select Safe Mode with a command prompt.
2. Log on to your computer with an administrator account or with an account that has administrator credentials.
3. Type the following command at a command prompt, and then press ENTER:
4. Follow the instructions to restore your computer to an earlier state before this happened,
Note: When restoring a system from the command prompt, a automatic “UNDO” restore point will NOT be created and will not allow a restoration to the current state.Message was edited by: Ex_Brit on 31/10/11 8:00:48 EDT PM
Thanks for this. Will try it later. Could I also try the unhide.exe first?
I assume that if I try system restore, this is where some of the fakealerts were which were deleted by the stinger last night, just in case they were hiding in the system at the date I pick for the restore, if they have now been deleted, are definately gone in the system and won't re-infect if I restore to that date when they could have been in hiding, or is the infection almost immediate. Hope that makes sense!Message was edited by: gardener on 01/11/11 15:15:22 CDT