Helping people with computers... one answer at a time.

Once infected it's difficult to guarantee that your cleaning efforts succeed. Best is to make sure that you never get infected in the first place.

As a Mom of a couple teens, I get viruses all of the time. This latest one I cannot find a solution to; here goes - my control panel is GONE! There is a popup every time I start the 'puter with the filename of "mustafx2.exe" I can't find it anywhere in English. I am using AVG, Ad Aware and Spy-Bot as well as Windows Defender. I have Windows XP version - never mind; can't look that up anymore either....UGH! Nothing has helped. Got any clues?

I have a couple of reactions to this question.

One, of course, will be the steps I'd take to try and recover in this case. I'll outline those in a second.

But first, my other reaction, which you may not like Smile.

"... I get viruses all of the time."

This is unacceptable.

In my opinion you must change that mindset. Getting a virus, any virus, should be considered a very serious thing. Your teens, or whomever is using your computer in such a way as to get infected by these viruses, must learn to use the computer safely and properly.

There's simply no substitute for that.

If this is a computer you share with your teens, I'd be doubly concerned. In fact, in your shoes I'd be barring their access ... letting them allow your machine to become infected with viruses is putting everything on your computer at risk. You could lose everything stored on your computer.

"The only way to absolutely, positively clean a machine from a virus is to completely reformat the machine and reinstall the operating system, updates, applications and data from scratch."

So why am I so passionate about this?

It's simple really: consider the possibilities after you're infected with a virus:

  1. Your anti-virus program successfully cleans it off.

  2. Your anti-virus program thinks it successfully cleans it off, but in fact the virus has hidden itself so well that it remains. You're still infected, and you don't know it.

  3. Your anti-virus program doesn't catch it and doesn't even try to clean it off. You're still infected, and you don't know it.

  4. Your anti-virus program fails to clean it off and tells you. You're still infected, but at least you know.

Because we trust that #1 will happen all the time, it's easy to become complacent. It's easy to assume that viruses are a fact of (teenage?) life, and that we can just clean them up after they happen.

That's just not true. A lot of malware can't be so simply swept away.

The only way to absolutely, positively clean a machine from a virus is to completely reformat the machine and reinstall the operating system, updates, applications and data from scratch.

Re-read that sentence. It's important and absolutely true.

Most of the time we don't do that. We assume, we hope, that the anti-malware software we have running will clean things up for us. But there's actually no way to know for sure.

Each time we allow an infection to happen, each time we then use anti-malware software to clean off an infection, we're gambling. Most of the time, we're ok. But sometimes we're not. (I do have to mention that finding a virus on your machine and finding a virus installed on your machine are two different things. Anti-virus programs will report both, but it's the later case that is the problem scenario.)

Rant over.

Let's look at your situation.

As you can guess by now the only guaranteed way to rid yourself of this malware is to reformat your machine and reinstall everything. That's very painful and something I know that most people would want to avoid, including me.

So here are steps I would try first:

  • Backup your system. Yes, we're backing up the infected system, but in case subsequent attempts go horribly wrong we'll always then have this backup to revert to as we attempt other approaches to recovery.

  • Run the System File Checker. Many viruses operate by replacing system components - the System File Checker will attempt to restore them. Make sure to have your original Windows installation CD ready, as SFC will typically ask for it if it finds it needs to restore files.

  • Perform a repair install of Windows. This works very much like an full install, replacing and updating system files and other components, but it attempts to preserve all data and installed programs in the process.

If those don't work ... well, by now you know what's next.

Once your machine is clean, I'm going to strongly recommend you implement a frequent backup regimen. Daily would be nice, making sure that you save each day's information so that if necessary you can revert to a backup from "x days ago".

The reason I say this is that as much as we might want to make sure that your teens never, ever allow your machine to get infected again (and that should absolutely be the goal), the practical reality is that it ain't gonna happen. At least not right away.

With a sequence of daily backups, if you do get infected again you could simply restore the machine to the most recent backup prior to the infection. Yep, you'll lose any changes made after that backup, but my guess is that'll be a lot less painful than a full reinstall.

And it might even act as an incentive to avoid infections in the future.

Article C3263 - January 10, 2008 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

57 Comments
Anne Madill
January 10, 2008 2:54 PM

Hi Leo-
As the poster of this problem, I want to thank you for your candor. Sure, I'm sad/frustrated that it's happened and the reversal of the problem is arduous, but I now I have somewhere to start.
Thanks Again!

Al Kubeluis
January 11, 2008 5:42 AM

Hi Leo -- Another excellent article and advice. I would not allow anyone, regardless of age, to use my computers if I did not know they were competent and careful. And I would get the "kids" their own computer so that they could learn the hard way the results of carelessness. -- Al

John Sturges
January 11, 2008 6:21 PM

Great answer Leo!!! And I agree with Al, the easiest way to stop kids from messing up your PC is never allow them to use it. Get them their own PC.

Then, to reduce Malware by 90%, put their PC somewhere where you, Mom, can watch everything they do on it, like the dining room.

You do know they are going to Porn, illegal music and illegal video websites because no one is watching them and that's where most of the malware is coming from.

Youlak
January 11, 2008 7:00 PM

* Choice I
1. Update your virus definition (symantec,mcafee,avg)
2. restart your computer and go to safe mode
3. run virus scan
3. clean up registry by use "registry clean expert " software
4. reboot
* Choice Two :
1. Take out your hard disk
2. connect your hard disk as slave hard disk with other computer that have no virus and make sure the other pc virus scan up to date
3. scan your hard disk
4. clean registry entry

Sandi Nickerson
January 11, 2008 7:28 PM

Mom of teens here, this all sounds so very painfully familiar. I found the worst offender for the kids downloading viruses and such was an Instant Messaging program, in their case it was MSN Messenger. I set it up to run all incoming files through my Norton AntiVirus, but more importantly I taught the kids not to accept ANYTHING from anyone they didn't know and to check with me first if it was someone they did know. Even files that look legit can be infected and one of their friends was infected and didn't know it so her machine was sending out files unbeknownst to her. Hope that helps, we usually think of web pages and email as being the culprits (and they can be) but with the way teens rely on IM programs, you might find that's where your security leak it.

Ravi Agrawal
January 11, 2008 8:06 PM

Sure, but creating a Local Restricted User account without any administrator Rights should take care of the problem upto 80%. She shoul password protect the system. Or Go for Vista, It has a lot to defend / combat such things,

Anyways those are my views.

Ravi.

Natalie Kehr
January 11, 2008 10:09 PM

This feature comes with 17 ads by Google. They all imply that they are the best thing since sliced bread. This can't be true, so could you help people decide between them. Do you have any control over the ads which Google puts on your pages?

Rick
January 11, 2008 11:54 PM

While I agree that the behavioral problems that led to this compromise need to be addressed, you do not address remedial procedures that may remedy the situation short of a reformat and re-install.

"mustafx2.exe" is a variant of the Trojan.Virantix.B malware (a blended threat that shuts down most antivirus/spyware programs, modifies system files and registry entries, hides itself with rootkit tools and monitors your browser activity . . . that is, if it is not continually forcing your computer into a restart.

Symnatec has a writeup here:

http://www.symantec.com/security_response/writeup.jsp?docid=2007-122607-2738-99&tabid=3

including advice on how to use the Recovery Console.

In the event the computer reboots continuously, try issuing the 'shutdown -a' (minus the single quotes)command from a command prompt to abort the shutdown and allow you to clean your computer.

Buffet
January 12, 2008 2:30 AM

The minimum age requirement to be president is 35 - there's a REASON for this. No one under 30 years of age should EVER be allowed to touch a computer!

Hugh E Torrance
January 12, 2008 3:11 AM

What about using a live operating system CD like...Ubuntu,PCLinuxOS,Mepis,Etc Etc that way anything you pick up will disappear when you reboot.
Stuff can be saved to another drive like a USB one.

Nico
January 12, 2008 4:09 AM

I agree will all. Good article.

As a general tip: Remember, you will again have problems with virusses and malware, and as Leo said, chances are very high you will have to reinstall Windows. This will happen frequently. The savest way is to format the drive.

To save you the effort of backing important data up such as your photos, music and documents, and to avoid loosing it when it is crunch time, rather partition (split) the harddrive into two. Save all your important stuff on the second drive and keep the first only for the Windows installation and origional programs and games you have. This way, when you have to format the c: drive to reinstall Windows, you will not loose any information as it will remain intact on the second drive. Frequent backups should still be done, but at least this way, you don't have to do it all that often.

On a different note, I won't blame teens for this as they don't know. As long as you can keep an eye on them, which sites they visit and so. Personally I would (as suggested) get them their own PC, establish a network by using a router. Then, check the history in their browser, from time to time, of the pages they visit. If you don't approve of the sites they visit, simply block it in the router.

Good luck.

Doug Woodall
January 12, 2008 8:41 AM

Im curious, what settings do you use on your Firewall?
Is it even running? Ive found alot of users do not have their Firewall configured properly.

George Arauz
January 13, 2008 5:03 AM

Reformat your computer... but keep in mind you will lose everything you had on it.

Thomas
January 13, 2008 7:26 AM

IF you have important files and projects on your computer that you have to preserve, then you MUST do the following;

Get the kids their own computer. Computers are a commodity now, and $300 will get them a starter new computer or a decent used computer.

Either get them OFF your network (internet connection), or find someone who knows how to protect your computer from the rest of the local network. Share nothing.

You can get them their own DSL service or their own cable modem. Let them pay the monthly fee for service; no pay, no service.

Demand the right to check up on their computing activities. Disucss the rules for computing that you expect them to adhere to, and retain the right to cut their online services if they abuse the rules. You will need to get someone to show you how to track their activities as kids quickly learn how to clear histories and caches.

With these protocols in place, only THEIR computers and data are at risk, and if they continue their unsafe computing habits, they will suffer the consequences, not you.

If, on the other hand, you do not take measures to protect your computer, it's only a matter of time (months, not years) before everyting goes kaput!

Backup. There is a good chance that one day, your backup will be the only thing left of your computing world. Your current unsafe computing situation just guarantees that this will happen much sooner.

Leo A. Notenboom
January 15, 2008 1:50 PM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Natalie Kehr: no, I actually don't control which specific
products appear in the Google Ads on my site. More info
on ads and more here: http://ask-leo.com/terms.html

Thanks,

Leo


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFHjSqzCMEe9B/8oqERAjTOAJ9+p46oMHwjdmlTKyZlTEuZCWQfwgCfQhM7
Ac8HwDVoG4FNEpMAMgJN4Vw=
=Coob
-----END PGP SIGNATURE-----

john
October 1, 2008 6:57 PM

er....i just wanted to ask you whether is it possible for a cable modem to be infected with virus...thx!

In theory I suppose so, but I've never heard of it happening. I wouldn't waste any time considering it or worrying about it.
- Leo
02-Oct-2008

Biplop
November 15, 2008 6:21 PM

I am using the Kaspersky antivirus, but I see my system hiden file are not shown by clicking the tools , folder opstion, show hiden file ,

What can i do?

DEBRA
November 19, 2008 10:21 AM

MY VIRUS IS BAD, I CAN NOT DO ANYTHING ON MY COMPUTER, HOW DO I GET RID OF EVERYTHING AND PUT THE ORIGINAL WINDOWS CD IN?

dorothy gee
January 9, 2009 4:56 PM

I've read through all of this and am still in the dark. I downloaded (& pd 4)the Spyware Doctor with anti virus, even though I already have AVG on my machine. I can't see that it is doing anything. I guess I'm a real dummy and shouldn't be allowed to have one of these thing. I have something going on. I was told I have a 'corrupted file'- which I would assume is because of a virus. So, what now? And what is this about the article at the top of this page? Do you mean that there is no guarantee that the virus will be gone - that the best thing is to avoid it in the first place??? I'd really like to know what I have done to get a virus. I do not download a bunch of stuff - SELDOM open an attachment, use this for my business only. Sorry, just had to get that out, and you probably won't print it or read it since I don't know what article at the top you refer to. Thanks anyway. I'll just keep on trying.

Patricia
June 29, 2009 3:37 PM

I too have a virus and can't even keep my computer on for one minute without it freezing up. I'm so sick of PC's!!! I'm buying a Mac and then I won't have to worry about these stupid viruses. :)

ellie
September 2, 2009 4:08 PM

HOw do you reformat a computer. Mine is a Dell..and I cannot get on the internet at all because I have a virus. Can you help me? Thanks

Daniel
September 16, 2009 1:23 PM

HOW DO I completely reformat the machine and reinstall the operating system, updates, applications and data from scratch?

jackie burchett
November 30, 2009 2:33 PM

i need to reformat my computer how do i do this i cannot download anything and i have a constant pop up that i have 45 infections by security tool this not a virus protection that i have put on my computer

Lee
December 5, 2009 10:30 PM

i have a lot of trojan activity on my computer as well as a LOT of other viruses what should i do i tried defragging and to b honest i dont really have d money to spend on an anti virus software

Tanner
January 2, 2010 11:29 AM

I have an issue on the laptop i went to log on today and now every time i click on somthing it says can not run blahbla.ext or comthing and then it askes if i want to run antivirus and i click yes then it says the same thing what do i do

Neicka B.
January 11, 2010 3:28 PM

If i have a virus and trojans and i buy a virus protection cd would it get rid of the viruse and trojans? please help. FAST!!!!!!

Caleb C.
January 16, 2010 10:22 AM

I found out that i have been without anti virus protection since june of 2009, i had AVG anti-virus and it tells me that i have 58 different viruses that it had detected but could do nothing about, the comp appears to be in working order except I HAVE NO INTERNET please help

sandy
January 31, 2010 12:44 PM

I have run my antivirus and it that im not infected and my computer hes never let me run a full backup disk! What should i do to get rid of the the infected areas?

elainehuxley
February 5, 2010 5:12 PM

First I used to search for the related solution for viruses, worms, and Trojans for hour and after that also it is not guarantee that I will get the perfect solution but now I have a site which provides the complete information related to the problem of networking and security.
http://forums.techarena.in/networking-security/
I will suggest you to visit this site one for getting the perfect solution for all your networking or virus problems.

Jackie
February 6, 2010 11:29 PM

What are some of the symptoms of an infected computer please. What am I looking for?

Thanks,

Jackie

kumar
February 9, 2010 11:45 PM

my computer affected by virus.when i open my computer there is a message coming."there is no disk in the drive.please insert a disk into drive"then there is three buttons ie,cancel,tryagain,continue.i press both this is not closing.i make to restart the computer.i try to open task manager.ii can not open.please give me a reply what i do.

fahath
March 3, 2010 10:06 PM

my computer had been affected by khatra virus, i used protector plus to remove it.after this i an not able to open taskmanager,realplayer and certain websites and my comp is too slow,what is the problem??im using intel hp atom

Clara
March 6, 2010 1:31 PM

Hi! I just wanted to ask if you know anything about the virus: "XP antispyware 2010", please? It installed itself on my computer yesterday and I think I have got rid of it as it doesn't pop up any more trying to get me to subscribe to their company, but although I am using the internet normally again, it is still quite slow, although that could be the Superantispyware I installed..? Anyway please could you tell me if you know whether the virus can get into my personal information ie. my paypal account and should I avoid using it and putting in my password till I know for a fact that it's gone? Thank you very much for your help, Clara

Once your machine is known to be infected you should never do anything potentially sensitive with it. Two recommendations: malwarebytes.org and then also How do I remove a virus?.
Leo
08-Mar-2010

Jessica
March 14, 2010 10:14 AM

my computer keeps saying its not responding, like in internet explorer and when im under a program... whats wrong with it?

kensonvk
May 26, 2010 12:56 AM

I have affected with a virus named as "RJN Burner" and cannot be removed from my computer.pls resolve this

Eric C
May 27, 2010 12:59 AM

My computer is infected with a virus I believe. My buttom right screen keeps popping up with a windows security alert saying "application cannot be executed. The file wuauclt.exe is infected"? I dont have a Windows installation cd. How can I repair this?

Haitham Amer
June 8, 2010 11:56 PM

I have affected with a virus named as "RJN Burner" and cannot be removed from my computer.
pls resolve this or tell me how to remove it safely or which anti virus or virus remooval tools can remove it ??
Thanks

mohankumar
June 19, 2010 1:57 PM

I have affected with a virus named as "RJN Burner" and cannot be removed from my computer.pls resolve this

Noushad
June 30, 2010 11:53 PM

I successfully removed the "RJN Burner" from my computer. This virus affects the file "C:\WINDOWS\system32\wscript.exe". Following are the steps I followed to remove it.

1)Boot windows in safe mode.
2)Replace the file C:\WINDOWS\system32\wscript.exe by copying from a system which is not affected by "RJN Burner".
3)Open windows registry ("Start Menu"->"Run"-> Type regedit), search for "RJN_Burner.vbs" and delete all entries found.

john
July 14, 2010 10:08 AM

i have a virus on my computer everytime i go to sign into my email address the msn symbols is replaced with ip and when iam signed in its this symbole it looks like the number 2 and i get redirected all the time and on top of all that somtimes i go on sites and cant see the pics its as if its blocked can you help me out

Jasmine
July 21, 2010 10:46 AM

This was really weird. I didn't understand any of it. Still thanks for providing some information.

gdv.Ramesh
July 22, 2010 7:39 PM

sir, how can i know that my computer is affected with virus?

tony
August 21, 2010 6:31 AM

my pc is infected,and any antivirus is not installing,what i can do? please give me a solution.

jenny
September 19, 2010 7:51 AM

my computer keeps sending emails to the whole of my contact list, i can only assume i have a virus, how do i find out where. i have run scans and it is not picking it up

It's unlikely that you have a virus. Rather, it's much more likely that your email account has been compromised. More here: Someone's sending email that looks like it's from me to my contacts, what can I do?
Leo
20-Sep-2010

Steve
October 17, 2010 1:27 PM

These guys do a good job helping seniors with computer viruses: http://modernseniortech.com/computerservices/virusservices.html

donna
November 3, 2010 3:13 PM

my computer says theres many infections and at risk ov identity theft and tells me to buy protection from them so do i need to do this and i have no idea how to clean everthing off plz help.

Shohouku
January 5, 2011 1:05 AM

Hello guys, Today im doing a little tutorial how to destroy a Virus on your computer i will some options if you want to choose, You could Put all the Information or important things on a Hard drive/USB stick,
then make a NEW Account on the computer. 2 opinion you could also just buy a new Hard drive (BUT DO NOT BUY A NEW COMPUTER JUST A HARD DRIVE)

Thanks i hope it worked :)

Alex Dow
January 18, 2011 9:19 AM

A VERY IMPORTANT POINT for all Anti-Viral and similar programs is that YOU must ENSURE that it/they is/are KEPT UP-TO-DATE!!

Although most can be set to Auto-Update - have YOU made sure this is the DEFAULT SETTING?

Compare with the "Flu Vaccine", it has to be updated every year to handle the latest variety, eg Swine, HN5 etc.

AV programs need effectively DAILY (even Hourly) Updating, hence the Auto-Update.

Also, as well as doing Backups as many have mentioned, do YOU occasionally set your AV program to do a FULL SCAN of ALL YOUR Disks?

In recent years, Viruses tend to be spread via USB Flash Cards and similar, particularly if YOUR PC is in the Default AUTO-PLAY setting.

There are various programs which in effect switch OFF Auto-Play, further protecting YOUR PC; and allowing YOU to SWEEP that Temporary USB device for Viruses etc, before making Full Connection.

If YOU offer USB Devices to friends etc, say with family photos, music etc, YOU should run your Updated AV program on it, before unplugging and handing the device to the other person - WHILST WARNING THAT PERSON to run his/her AV Program on it immediately after plugging it in.

YOU can't be too PROTECTIVE, if you want to keep your PC CLEAN.

This is all part of the HOUSEKEEPING or Computer Management that I have mentioned earlier.

Just like Domestic Housekeeping, it has to be done conscientiously, regularly/frequently.

allan
January 18, 2011 10:59 AM

Computers startup in stages to get to the Operating System (OS) and then running an AntiVirus scan on a 'running' OS usually wont work. Try a System Rescue Disk - load CD, SHUTDOWN computer, restart computer while holding down the CTRL key, will load in one of the first stages, RAM, before the OS starts up and now doing an AntiVirus scan here will most times, remove all of a virus. Then just reboot.

honoriuc
January 18, 2011 8:28 PM

Instead of formatting the entire HDD, I would recommend an Antivirus Rescue CD at boot time, like bitdefender/avg/kav/f-secure rescue CD. However, should you reformat the entire HDD and reinstall everything, then use Shadowprotect Recovery Env. to save the image on DVDs or an external HDD. So you can have the system back in about 15 min.

Robert
March 18, 2011 7:15 AM

I received an email from my sister and opened it and in the email was a hyperlink which I opened. it was something she did not send me, and from this point on something is causing some sort of chain reaction and sending the same email i recieved from my sister to all the contacts I have in my address book, not cool. Now all my contacts have the same problem I have, this is spreading like crazy, what do I do? on a daily bases I receive emails with my friends email address stating their email has fatal errors, whats up with that?

Yep, you fell for a very common form of malware and your account is now likely to have been hacked. I'll point you here: Someone's sending email that looks like it's from me to my contacts, what can I do?
Leo
18-Mar-2011

SANJIB DAS
June 18, 2011 9:52 AM

HOW CAN I CLEAN MY COMPUTER FROM VIRUS

cheryl
June 22, 2011 12:02 PM

Hi i formatted a friends computer last night just started it not quit done all the way yet if i bring hers home with me & hook it up with my modem that i use with a ethernet cord will my computer be fine???? i don't want the virus or whatever it is on my stuff HELP?????

eman rommel caraig
July 22, 2011 9:16 AM

i'm a freshmen using computer so i didn't know if my computer have avirus or not

Richard
February 11, 2012 5:21 AM

I can not get in my computer. Warnings pop up saying my computer is infected. It will not let me use my security scan or get on the internet. A security screen pops up I do not recognize telling I must sign up for some thing to protect my computer. how can I get in and then what do I do

Mark J
February 11, 2012 7:24 AM

@Richard
That is usually a symptom of malware. If you can't get into your antivirus programs, you may have to run a standalone antimalware program such as the free Microsoft Standalone System Sweeper. You'll probably have to download it on an another computer, since yours is infected and would most likely interfere with the process.
Microsoft Standalone System Sweeper - Clean malware from your machine

imran
July 31, 2012 3:35 PM

yesterday i gave my flash to my friend and when i receive the flash it was full of virus and i dont have antivirus on my computer why iam trying to put some thing on my flash its not coming on my computer and when i put it on another computer that have antivirus everyhting is working well but first scan the flash with kaspersky and my computer is very slow what should i do i dont know help mee!!!

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.