HELP - system infected with spyware and can't remove it

[cotswoldcs]

I'm used to dealing with spyware and virus infections but this one has me puzzled. It's a home machine running XP Home and is infected with something called XP security centre or similar. It enables a notification icon in the system tray telling me the system is infected.

I can't install Spybot, AVG, HiJackThis v2, etc, etc. The programs either refuse to run or don't install and produce an error.

I've tried running in Safe Mode but still have the same problems as above!!

I've researched on Google and found removal instructions for WinX Security Centre. However, the spyware on the system must be different as the removal instructions don't apply (I don't have files installed where they say they are)

Any suggestions?

[KalC]

So it doesnt even let you run any spyware or anti virus programs?

Have you tried terminating the process in task manager and then maybe trying to run the anti spyware programs?

[Koolpc]

You tried installing AVG8 in safe mode? What about online scanning? Some companies do that?

[graystreet]

Have you tried System restore to get you to a point before the Virus hit and then try to install removal software?

[lodore]

have you tryed superantispyware? www.superantispyware.com or malwarebytes antispyware? http://www.malwarebytes.org/
also try drweb cure it
http://freedrweb.com/cureit/
drweb cure it doesnt need install and is very good at removal.

[RoBe]

the kaspersky online scanner found infected files for my dad's pc when there was a notification that kept coming up trying to get you to buy some fake security program.

Anyway, here's the link: http://www.kaspersky.com/virusscanner
i just deleted all the files/reg keys that it picked up and all was fine and dandy afterwards

[nc555]

You could also try making a different account on the machine and running spybot from there. Unless the spyware affects any account on the pc, in which case you may need to consider a format. It may not remove the spyware completely but at least get you started.

[Will404]

Are there any anti-spyware programmes you can run from dos, or before you boot windows, put a disk in and boot from it to run an anti - spyware scan??????

[aidanjt]

Not that I know of. Running in Windows safe-mode will work just as effectively though.

[Will404]

How about the UBCD for windows

Seems to contain some anti spyware stuff

[aidanjt]

That'll do too, handy if your system has a nasty rootkit that you can't otherwise find/remove.

[lodore]

f-secure have a bootable rescue cd
http://www.f-secure.com/linux-weblog/

[cotswoldcs]

Thanks for your help everyone. I tried various options without success but then discovered that I could install and run AntiVir Personal and this cleared enough off to allow me to run HiJackThis 2.02. I then ran Spybot & virus scans to make sure everything was eliminated.

Thanks for the help.

[s3ds]

a bit late but i have used clamwin run from a USB
http://portableapps.com/

glad you got it sorted

[TheAnimus]

nuke it from space, the only way to be sure!

(and by that aliens quote i obviously mean complete re-install.)