Remote malware scan

Aug. 20, 2009, 9:53 p.m.
Posts: 6662
Joined: Nov. 20, 2002

Remote virus scan
Sharon has a dedicated laptop she uses for file sharing. A WinXP box. I thought she had a firewall on it but she didn't. She now has a nasty case of spyware known as "Windows Protection Suite".

It's pretty damn persistent. It's reset admin permission so none of the existing antispyware antivirus programs I have will run. (Spybot S&D, AVG, Kaspersky, Malwarebytes). I tried running them off a local drive. I also tried running them off a USB key. Have also rebooted to Safe Mode and tried running the programs without success.

I've tried running Trend Micro Housecall as a remote anti-malware solution and that doesn't work.

I'm going to connect a non-infected Vista comp to this infected POS XP unit, run the malware scan off the Vista comp, and check the XP unit as a discrete separate hard drive. But this POS spyware has me a bit paranoid. The Vista comp is kitted out with the same antispyware antivirus programs that the XP comp had and which this POS Windows Protection Suite spyware defeated.

Here's my options as I see them:

Wiping HD and reinstalling the OS

Connecting the clean Vista comp via ethernet RJ 45 cable to the infected XP comp and scanning the XP comp with the Vista comp

Anything else I should consider?

EDIT

- I tried Trend Micro but it didn't work. I mean that it just wouldn't run. The spyware kills the Trend Micro process so the executable doesn't even run.

- Ditto with Spybot, ditto with AVG. Ditto with Malwarebytes. They won't even run. They won't run off the infected local comp. They won't run off a USB key.

Aug. 20, 2009, 9:58 p.m.
Posts: 0
Joined: Jan. 5, 2008

It sounds like the same thing I got not too long ago. I did the Trend Micro thing, alternating a scan with that, then with Malwarebytes, then I finally downloaded the free trial of Trend Micro. After running it all a couple of times that seemed to get rid of everything. That is my very non-technical, non-computery solution and it seems okay now LOL

Aug. 20, 2009, 10:47 p.m.
Posts: 1574
Joined: Dec. 27, 2006

Aug. 20, 2009, 10:51 p.m.
Posts: 15652
Joined: Dec. 30, 2002

The forums of Kaspersky have a lot of helpful guys.

Post up there and they can help or search for it.

I know Zone-labs used to have an online scan until.

try a copy of spy-sweeper. doubt safe mode helps.

protect tom mcdonald at all costs

Aug. 20, 2009, 11:40 p.m.
Posts: 59
Joined: Feb. 23, 2007

http://www.malwarebytes.org/forums/index.php?showtopic=7668

different malware, but somewhat similar symptoms, give it a try

Aug. 20, 2009, 11:56 p.m.
Posts: 34067
Joined: Nov. 19, 2002

http://www.malwarebytes.org/forums/index.php?showtopic=7668

different malware, but somewhat similar symptoms, give it a try

I used that method to clean a similar problem on a friend's machine.

Some of these malware programs are a real bitch to remove. Scanners and anti-viral tools are typically useless so manual intervention is required.
I kill all the processes and remove all files (if the file can't be removed, KillBox usually works) associated with the malware.

Here's a couple links that may help:
http://www.2-viruses.com/remove-windows-protection-suite
http://www.411-spyware.com/remove-windows-protection-suite
http://windowsprotection.net/how-to-remove-windows-protection-suite-windowsprotection-suite-removal-guide/

Finally, tell Sharon to stop downloading pr0n.

It is easy to dodge our responsibilities, but we cannot dodge the consequences of dodging our responsibilities.
- Josiah Stamp

Every time I see an adult on a bicycle, I no longer despair for the future of the human race.
- H.G. Wells

Aug. 21, 2009, 12:56 a.m.
Posts: 6026
Joined: Dec. 17, 2002

post up!
http://forums.majorgeeks.com/

or call defeat and bribe diggs

Aug. 21, 2009, 5:51 a.m.
Posts: 763
Joined: March 12, 2004

Look at the time it would take to screw around trying to get rid of this, and look at how much time it takes for a re-install.

If all that machine is doing is filesharing, it won't have a lot of apps installed, it is probably faster to nuke & pave VS. spending countless hours dicking around with trying to remove spyware.

Aug. 21, 2009, 6:30 a.m.
Posts: 11362
Joined: Nov. 19, 2002

or call defeat and bribe diggs

Nothing would please me more than rebuilding a shitty laptop and securing a home network under the watchful eye of a cum guzzling Malaysian.

(\__/)
(='.'=)
(")_(")

Aug. 21, 2009, 8:29 a.m.
Posts: 81
Joined: March 3, 2005

Malwarebytes would fix the problem if you can get it to run. I know because I did this 3 weeks ago to my sister's computer. Your best bet would be to put Malwarebytes on your Vista, hook up the hard drive and run it from there.

Or wipe the hard drive and reinstall. Personally that's the very last option after the sledge hammer comes out. (I hate reinstalling Windows)

Aug. 21, 2009, 9:37 a.m.
Posts: 203
Joined: Feb. 19, 2006

SmitFraudFix!

http://siri.geekstogo.com

edit

Or you could try renaming the executable of Malwarebytes to something else. And have you tried Safe Mode? What about a web-based scanner? Post a HijackThis log, and we can pull it out manually.

Aug. 21, 2009, 10:32 a.m.
Posts: 0
Joined: Nov. 20, 2002

1) remove hd
2) put large magnet on hd, leave for a day
3) re-install hd
4) re-install xp
5) tell Sharon to stop downloading so much porn

Aug. 21, 2009, 10:49 a.m.
Posts: 59
Joined: Feb. 23, 2007

Before nuking the 'puter, you could also try booting from a CD

http://www.michaelhorowitz.com/removespyware.html

http://www.ubcd4win.com/index.htm

I think that way you bypass the existing OS

Aug. 21, 2009, 11:05 a.m.
Posts: 0
Joined: Sept. 20, 2006

1) remove hd
2) put large magnet on hd, leave for a day
3) re-install hd
4) re-install xp
5) tell Sharon to stop downloading so much porn

In all seriousness, because I'm too lazy to download a HD wiping program, can I actually use a large magnet to wipe my portable HD that still has windows installed, without doing any physical damage?

Aug. 21, 2009, 11:11 a.m.
Posts: 0
Joined: Nov. 20, 2002

In all seriousness, because I'm too lazy to download a HD wiping program, can I actually use a large magnet to wipe my portable HD that still has windows installed, without doing any physical damage?

It won't do any damage but it'll need to be completely reformatted afterwards. If you're gonna re-install an OS on it just let the OS reformat it during install.