Some Virus Issues to Work Through Tonight

I got a call from my mother-in-law this evening. Seems she came home this afternoon and her computer had completely wigged out on some trojan spyware junk. Loads of alert balloon messages and porn icons and quarantined trojan files alerts from her installed anti-virus. She’s running Windows Vista.

As you can see from the screen shot above there were a number of junk files that have inserted themselves into the Startup routine of Windows. There were actually about another 10-15 versions of the same files further down as you scroll.

When you tried to check-off the files and disable them, when you click on “Apply” again, they would all check themselves back on. Looking for the related “Command” location turned up that most of the files weren’t there at all. Searching through the registry location information I was able to find a few entries that were related, but nowhere near the total amount listed in the Startup list.

I did a quick scan using Spysweeper, but it didn’t find anything much other than cookies. Trend Micro Anti-Virus wouldn’t scan at all. Downloaded and installed CA Yahoo Anti-Spy tool and it didn’t find anything else helpful. I eventually uninstalled and reinstalled Trend Micro and it would finally scan again, but ended up not finding anything.

Are we clean? Nothing’s popping up anymore. Nothing’s being found in scans. The only evidence left is this listing of the random “VIE****.exe” files in the Startup folder. How do I clear out these entries since they don’t appear to be there anymore.