View Full Version : Virus problem
sargpep
02-27-2010, 11:47 AM
A friend of mine just called me. She got a virus on her computer this morning; the only web site she can go to is some antivirus software site telling her to buy their software to get her computer back. She can't seem to run any programs on her desktop, including her malware and antivirus software. Does anyone have a solution for this problem? She is running Windows XP.
Any help would be appreciated.
linuxguru
02-27-2010, 12:13 PM
As a start, boot into Safe mode (usually done by pressing F8 while booting). Boot to safe mode with network support. Update and run Malwarebytes and her antivirus while in safe mode.
Bogie
02-27-2010, 12:14 PM
First try to boot in safe mode. Then run any antivirus/malware program if she can.
If you can boot into safe mode, try a System Restore point from before this happened.
sargpep
02-27-2010, 01:37 PM
I installed the Malware software and, although it found items and deleted them, the problem is still there. As for System Restore, she had it turned off on her computer.
Aristera
02-27-2010, 02:21 PM
Go into internet options and get rid of any proxies that are enabled.
"I installed the Malware software and, although it found items and deleted them, the problem is still there. As for System Restore, she had it turned off on her computer."
What's the website name, and what files did the malware app find?
dawtcalm
03-03-2010, 12:15 PM
Even in normal mode she should be able to go to Task Manager and hopefully remove the TSR virus (hoping that the virus hasn't infected the shell).
It is likely she is only using IE for browsing; if she could install Firefox (off USB) she could continue browsing to download additional software and debug the problem.
And finally, uninstall IE and never reinstall it....
What's in the HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE \Software\Microsoft\Windows\CurrentVersion\Run and RunOnce listings of the registry?
Also, always look at those 4 spots to identify suspect start programs, and search the net to see if you should remove them...
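The four Run and RunOnce locations named in the post above can be listed in one pass. The PowerShell script below is an added example, not part of any poster's message. The folder pattern it uses to mark entries for a first look is an assumption, and on Windows XP PowerShell has to be installed separately.

```powershell
# Added example: enumerate the four autostart keys named in the post above.
$AutostartKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Assumption (not from the thread): commands that start from user-writable
# folders are worth looking up first. A match is a review hint, not a verdict.
$ReviewFirstPattern = '\\(Temp|Application Data|AppData|Local Settings)\\'

function Get-AutostartEntry {
    param([string[]]$Path = $AutostartKeys)

    foreach ($keyPath in $Path) {
        # RunOnce is often missing; skip keys that do not exist.
        if (-not (Test-Path -Path $keyPath)) { continue }

        $key = Get-Item -Path $keyPath
        foreach ($name in $key.GetValueNames()) {
            # GetValue expands %VARIABLES% in REG_EXPAND_SZ data, so the
            # pattern is matched against the path that will actually run.
            $command = [string]$key.GetValue($name)

            New-Object PSObject -Property @{
                Key         = $keyPath
                Name        = $name
                Command     = $command
                ReviewFirst = ($command -match $ReviewFirstPattern)
            }
        }
    }
}

# Entries marked for a first look sort to the top.
Get-AutostartEntry |
    Sort-Object -Property ReviewFirst -Descending |
    Format-List -Property ReviewFirst, Key, Name, Command
```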
Mystic
03-13-2010, 05:00 PM
I had a similar one attack my PC and infect it with like 500 viruses. I booted up in safe mode and downloaded www.superantispyware.com and it fixed everything. It is free and works great. Too bad it can't fix what I have now!
Bogie
03-13-2010, 06:06 PM
"I had a similar one attack my PC and infect it with like 500 viruses. I booted up in safe mode and downloaded www.superantispyware.com and it fixed everything. It is free and works great. Too bad it can't fix what I have now!"
What do you have now? Has it been identified?
Have you tried a System Restore at a point before the infection?
uncle hammy
03-13-2010, 09:45 PM
Download the current MalwareBytes definitions from here: http://mbam.malwarebytes.org/database/mbam-rules.exe
After that, reboot the computer to safe mode and run the executable, which will update MalwareBytes. Do another full scan, remove everything it finds, reboot to normal mode and see where you're at. If you appear to have your computer back, run another full scan in normal mode.
dutchdude
03-13-2010, 11:38 PM
"Have you tried a System Restore at a point before the infection?"
This is what I would try first; then afterward I would delete all restore points and have it turned off. After that, do what uncle hammy mentioned. If your system is OK / clean afterwards, then turn System Restore back on and make a new restore point.
Here's how I'd go about eradicating the suspect code that's running ... I'd boot into safe mode, without networking ... open IE and delete cookies/history and files, run Malwarebytes and Spybot, note where the infected files are, open the Task Manager, locate the files which are running and stop them, then find and delete the rogue files ... now let Malwarebytes and Spybot clean up the files ... reboot, run Malwarebytes and Spybot again; quite often they will find more files, since networking is now enabled ... NOTE: System Restore points will have the rogue code, or at the very least an Internet redirect to download the Trojans again, so disabling this function would be a good idea ... I would use a mild-mannered registry cleaner (EasyCleaner) to clean up what's left over.