Windows XP parallel virus? What can I do? RRS feed

  • General discussion

  • I was browsing google images in firefox, and after clicking a site a window popped up that I couldn't close with CTRL ALT DEL or any other way. It's wasn't a part of the site. Then came a blue screen with text saying something or another. Then my computer started to reboot. (I'm running XP, by the way). I shut it off, hoping that keeping it from rebooting would keep it from installing malicious programs. But when I rebooted, I saw that something wasn't right. The load up screen with the XP logo was wrong. At the bottom left there was only Copyright (C) Microsoft, not the right Copyright 1985-2005 Microsoft, or whatever. And then when I got to my desktop, things seemed to lag. And windows were chopping up, and when a window came up it first had black sharp corners, soon changing into the standard round corners. I googled XP start up screen, and I found one that looked like the screen I had. It was described as being an XP parallel of something called Vine, and was being used on a Mac as windows. I have read nothing about this being used as a virus, but I assume it could be, considering the parallel was freeware. Then as I was browsing, I googled something and clicked one of the google links. I was redirected to a site totally different than what I clicked. Later, I got a few pop-ups.

    I have come to the conclusion that my computer is running on an XP parallel that is possibly phishing and is redirecting me on firefox. What should I do? I was going to reinstall windows, but I don't know if I have the reinstall disk. I tried running the microsoft malicious software remover, but it shut down mid scan, probably because of the virus. Is there any way to break free from the parallel and get back to normal, where I have a chance of removing the parallel?
    Friday, August 28, 2009 8:01 AM

All replies

  • Hi and Welcome to Microsoft Answers Community,
    and the "Scanning, Detecting, and Removing Threats Forum".

    This sounds like a serious problem. However, I think there might be
    a solution. First off, do you have any built-in Recovery program (e.g. PCs like HP and Compaq
    have a recovery program, and you just need to press F10 to access and start it in boot mode.

    Try this: Run Windows in "Safe Mode" without networking.

    Follow this: 
       1. Restart your PC.
       2. Wait for the BIOS to load and press F8 to open Windows Boot Manager Menu.
       3. You'll get a list of choices in the Windows Boot Manager Menu (Note: Use the
           arrow keys to highlight your choice.
    ), you must choose: "Safe Mode". 
       4. Windows will boot in Safe Mode and then try to remove everything from there.

    Note: Since you are running under Safe Mode, Windows will not start all programs. 
             Some services will be turned off etc. 

    If you need any further assistance,
    please feel free to contact me and let me know.

    I hope this information was helpful...

    Have a nice day...

    Best regards,
    Friday, August 28, 2009 8:46 AM
  • Ok, after I get to safe mode, what would be the most effective way of removing the virus? I'm sure it's hidden to the umpteenth degree, and I don't have any commercial anti-virus software installed. I'm on a HP, so I'll try the recovery. Any tips?

    By the way, thank you so much for your help. I have been stressed out to my limits with this. It was like a slap in the face for this virus to take over my computer out of the blue.
    • Edited by Patm1313 Friday, August 28, 2009 10:14 AM
    Friday, August 28, 2009 10:13 AM
  • Hi again:

    Well, depends, the best thing to do first is to identify the virus infection (e.g. a infected file or directory etc),
    and then copy dir and virus infection data & information from your Antivirus software and paste it,
    inside notepad.

    Also: Download the Process Explorer (From here: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
    and make some screenshots from the "normal" mode. The screenshots will be compared with the Process Explorer
    running in Windows Safe Mode.

    If you need any further assistance,
    please feel free to contact me and let me know.

    I hope this information was helpful...

    Have a nice day...

    Best regards,
    Friday, August 28, 2009 12:10 PM

    You are off topic for this forum, which is dedicated to Microsoft Security Esentials Beta
    You may want to try the Microsoft Public newsgroups here:

    This is not a general forum for viruses, spyware, or Windows Help. For help with spyware issues, you may want to try the forums here: 
    http://aumha.net/ For help with virus removal, contact the maker of your Antivirus program.
    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See
    http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.



    Microsoft MVP Windows Live / Windows Live OneCare, Live Mesh, & MS Security Essentials Forums Moderator
    Friday, August 28, 2009 1:19 PM