Summary: Recovering from a bad virus infection isn't always easy, but there are some easier things to try before drastic measures need to be taken.
Over the past weeks on my older Windows XP machine:
- I've had frequent re-infections of some virus or Trojan that resets my IE home page, disables Task Manager, and blocks my access to System Restore.
- Several times each day, I run AdAware, Spybot, and my virus program (Panda) to remove identified infections and spyware.
- I read where disabling System Restore and then running a virus scan would clean out any virus strands that were inadvertently being backed-up with each shutdown/startup cycle.
- My virus and spyware programs sometime identify Services.exe and Winlogon.exe as viruses. When this happens, these files are referenced as being in located in the C:\Windows\inetdata sub-directory (which is not where they should be).
Did I royally screw things up by disabling System Restore? I understand by doing this, I erased all existing restore points so that wouldn't surprise me.
•
First let me say this...
YIKES!
You've got a serious infection here. In all honesty, I'm not sure the patient will survive. But let's run through some options.
•
Here's how I'd proceed:
disconnect from the network
boot in safe mode
run the system file checker
run your AV and Spyware scans. Turn on any "immunize" options in the spyware checker
Reboot in normal mode.
If things work properly at this point skip the next two steps
Reinstall Windows XP. When you reinstall, you should have the option of doing a "repair" install or an install "on top of" the existing installation.
If things work properly at this point skip the next step.
If things are so bad that it's still not working properly, in your shoes I'd reformat the machine and rebuild it. Trying to coerce it into working again may just be more effort than it's worth. Be sure to save the data you care about first, of course.
Enable or get behind a firewall
Reconnect to the network.
Update your anti-virus software's database and your spyware scanner's database and run scans again.
Visit Windows Update, and do take SP2.
It concerns me a great deal that you're getting reinfected so quickly and so often. If you're not doing something silly, like opening unidentified attachments, or visiting malicious web sites, then that shouldn't be happening at that rate.
Related:
-
Ask Leo! - What is the System File Checker, and how do I run it?
-
Ask Leo! - Do I need a firewall, and if so, what kind?
Article C2271 - January 30, 2005
Hello,
I got some Trojan Viruses by email, machine would not even boot up, ran system recovery instead of system restore.
Can I go back and run system restore now.
Posted by: JL at August 28, 2008 10:53 AMI think I may be virused - very odd things have been happening, though I used AVG and other products!
Basically opening files seems to take much longer, and every time I open a folder the system hangs slightly. This never happened before, I got the system built to spec so I could do plenty of photo and music editing! I am running windows XP as well.
ALso folders on the desktop seem to just go missing. My concern is that nothing seems to pick up anything wrong - is there any way I can check for sure I am being virused and are the steps there what you would reccomend in this instance?
Thank you!
Mr.Will
Posted by: Mr.Will at October 21, 2008 6:42 PMA Few Days Ago When I Had Norton Security scan i found 42 cookies and 8 Bugs, I thought i got rid of them, and they came back, why wont they go? i system restored but they still came back. Plz Help!
Posted by: Tiffany at December 7, 2008 3:57 AMHi i had this problem.. i used my usb on some public pc and i had some important pictures in tht and now when i used it on my pc, every picture folder is missing.. im really worried plz help me out how can i get those pictures back
Posted by: Huda at January 7, 2009 7:00 AMU have option in windows explore where in u can uncheck the option/show all hidden folders and then check.....
Posted by: andy84 at March 18, 2009 6:39 AM