Ask Leo! by Leo A. Notenboom

My computer's infected with a virus, how do I clean it up?

Summary: Once you're infected, it's difficult to guarantee that your cleaning efforts have succeeded. The best approach is to make sure that you never get infected in the first place.

As a Mom of a couple teens, I get viruses all of the time. This latest one I cannot find a solution to; here goes - my control panel is GONE! There is a popup every time I start the 'puter with the filename of "mustafx2.exe" I can't find it anywhere in English. I am using AVG, Ad Aware and Spy-Bot as well as Windows Defender. I have Windows XP version - never mind; can't look that up anymore either....UGH! Nothing has helped. Got any clues?

I have a couple of reactions to this question.

One, of course, will be the steps I'd take to try and recover in this case. I'll outline those in a second.

But first, my other reaction, which you may not like. :-)

"... I get viruses all of the time."

This is unacceptable.

In my opinion you must change that mindset. Getting a virus, any virus, should be considered a very serious thing. Your teens, or whoever is using your computer in such a way as to get infected by these viruses, must learn to use the computer safely and properly.

There's simply no substitute for that.

If this is a computer you share with your teens, I'd be doubly concerned. In fact, in your shoes I'd be barring their access ... letting them allow your machine to become infected with viruses is putting everything on your computer at risk. You could lose everything stored on your computer.

So why am I so passionate about this?

It's simple really: consider the possibilities after you're infected with a virus:

  1. Your anti-virus program successfully cleans it off.

  2. Your anti-virus program thinks it successfully cleans it off, but in fact the virus has hidden itself so well that it remains. You're still infected, and you don't know it.

  3. Your anti-virus program doesn't catch it and doesn't even try to clean it off. You're still infected, and you don't know it.

  4. Your anti-virus program fails to clean it off and tells you. You're still infected, but at least you know.

Because we trust that #1 will happen all the time, it's easy to become complacent. It's easy to assume that viruses are a fact of (teenage?) life, and that we can just clean them up after they happen.

That's just not true. A lot of malware can't be so simply swept away.

The only way to absolutely, positively clean a machine from a virus is to completely reformat the machine and reinstall the operating system, updates, applications and data from scratch.

Re-read that sentence. It's important and absolutely true.

Most of the time we don't do that. We assume, we hope, that the anti-malware software we have running will clean things up for us. But there's actually no way to know for sure.

Each time we allow an infection to happen, each time we then use anti-malware software to clean off an infection, we're gambling. Most of the time, we're ok. But sometimes we're not. (I do have to mention that finding a virus on your machine and finding a virus installed on your machine are two different things. Anti-virus programs will report both, but it's the latter case that is the problem scenario.)

Rant over.

Let's look at your situation.

As you can guess by now the only guaranteed way to rid yourself of this malware is to reformat your machine and reinstall everything. That's very painful and something I know that most people would want to avoid, including me.

So here are steps I would try first:

  • Back up your system. Yes, we're backing up the infected system, but in case subsequent attempts go horribly wrong we'll always then have this backup to revert to as we attempt other approaches to recovery.

  • Run the System File Checker. Many viruses operate by replacing system components - the System File Checker will attempt to restore them. Make sure to have your original Windows installation CD ready, as SFC will typically ask for it if it finds it needs to restore files.

  • Perform a repair install of Windows. This works very much like a full install, replacing and updating system files and other components, but it attempts to preserve all data and installed programs in the process.

If those don't work ... well, by now you know what's next.
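As an added illustration of the idea behind the System File Checker step (not code from the original article, and not how SFC itself is implemented), this Python example compares a live directory against hashes taken from a trusted copy, such as files from the original installation media. The directory layout, function names and file contents are constructed for the example; "mustafx2.exe" is only the file name from the question, used as a sample.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large system files do not fill memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(trusted_dir: Path) -> dict:
    """Map relative path -> hash for every file in the trusted copy."""
    return {
        p.relative_to(trusted_dir).as_posix(): sha256_of(p)
        for p in sorted(trusted_dir.rglob("*")) if p.is_file()
    }


def compare_to_manifest(live_dir: Path, manifest: dict) -> dict:
    """Report files that are missing, changed, or not in the trusted copy."""
    report = {"modified": [], "missing": [], "unexpected": []}
    for rel, expected in manifest.items():
        target = live_dir / rel
        if not target.is_file():
            report["missing"].append(rel)
        elif sha256_of(target) != expected:
            report["modified"].append(rel)
    live = {p.relative_to(live_dir).as_posix()
            for p in live_dir.rglob("*") if p.is_file()}
    report["unexpected"] = sorted(live - set(manifest))
    return report


def demo() -> dict:
    """Constructed sample: a trusted tree and a tampered live tree."""
    with tempfile.TemporaryDirectory() as tmp:
        trusted, live = Path(tmp, "trusted"), Path(tmp, "live")
        for root in (trusted, live):
            root.mkdir()
            (root / "shell.dll").write_bytes(b"original shell component")
            (root / "control.exe").write_bytes(b"original control panel")
        (live / "shell.dll").write_bytes(b"replaced contents")  # swapped file
        (live / "control.exe").unlink()                         # removed file
        (live / "mustafx2.exe").write_bytes(b"sample")          # added file
        return compare_to_manifest(live, build_manifest(trusted))
```

A comparison like this is only as trustworthy as the environment it runs in and the copy it compares against, which is why the trusted hashes come from the installation media rather than from the infected system.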

Once your machine is clean, I'm going to strongly recommend you implement a frequent backup regimen. Daily would be nice, making sure that you save each day's information so that if necessary you can revert to a backup from "x days ago".

The reason I say this is that as much as we might want to make sure that your teens never, ever allow your machine to get infected again (and that should absolutely be the goal), the practical reality is that it ain't gonna happen. At least not right away.

With a sequence of daily backups, if you do get infected again you could simply restore the machine to the most recent backup prior to the infection. Yep, you'll lose any changes made after that backup, but my guess is that'll be a lot less painful than a full reinstall.

And it might even act as an incentive to avoid infections in the future.

Article C3263 - January 10, 2008

Recent Comments
22 Comments

Reformat your computer... but keep in mind you will lose everything you had on it.

Posted by: George Arauz at January 13, 2008 5:03 AM

IF you have important files and projects on your computer that you have to preserve, then you MUST do the following;

Get the kids their own computer. Computers are a commodity now, and $300 will get them a starter new computer or a decent used computer.

Either get them OFF your network (internet connection), or find someone who knows how to protect your computer from the rest of the local network. Share nothing.

You can get them their own DSL service or their own cable modem. Let them pay the monthly fee for service; no pay, no service.

Demand the right to check up on their computing activities. Discuss the rules for computing that you expect them to adhere to, and retain the right to cut their online services if they abuse the rules. You will need to get someone to show you how to track their activities as kids quickly learn how to clear histories and caches.

With these protocols in place, only THEIR computers and data are at risk, and if they continue their unsafe computing habits, they will suffer the consequences, not you.

If, on the other hand, you do not take measures to protect your computer, it's only a matter of time (months, not years) before everything goes kaput!

Backup. There is a good chance that one day, your backup will be the only thing left of your computing world. Your current unsafe computing situation just guarantees that this will happen much sooner.

Posted by: Thomas at January 13, 2008 7:26 AM

Natalie Kehr: no, I actually don't control which specific
products appear in the Google Ads on my site. More info
on ads and more here: http://ask-leo.com/terms.html

Thanks,

Leo

Posted by: Leo A. Notenboom at January 15, 2008 1:50 PM

Er... I just wanted to ask you whether it is possible for a cable modem to be infected with a virus... thx!

In theory I suppose so, but I've never heard of it happening. I wouldn't waste any time considering it or worrying about it.
- Leo
02-Oct-2008

Posted by: john at October 1, 2008 6:57 PM

I am using the Kaspersky antivirus, but I see my system hidden files are not shown by clicking Tools, Folder Options, Show hidden files.

What can i do?

Posted by: Biplop at November 15, 2008 6:21 PM

MY VIRUS IS BAD, I CAN NOT DO ANYTHING ON MY COMPUTER, HOW DO I GET RID OF EVERYTHING AND PUT THE ORIGINAL WINDOWS CD IN?

Posted by: DEBRA at November 19, 2008 10:21 AM

I've read through all of this and am still in the dark. I downloaded (& pd 4) the Spyware Doctor with anti virus, even though I already have AVG on my machine. I can't see that it is doing anything. I guess I'm a real dummy and shouldn't be allowed to have one of these things. I have something going on. I was told I have a 'corrupted file' - which I would assume is because of a virus. So, what now? And what is this about the article at the top of this page? Do you mean that there is no guarantee that the virus will be gone - that the best thing is to avoid it in the first place??? I'd really like to know what I have done to get a virus. I do not download a bunch of stuff - SELDOM open an attachment, use this for my business only. Sorry, just had to get that out, and you probably won't print it or read it since I don't know what article at the top you refer to. Thanks anyway. I'll just keep on trying.

Posted by: dorothy gee at January 9, 2009 4:56 PM

I too have a virus and can't even keep my computer on for one minute without it freezing up. I'm so sick of PC's!!! I'm buying a Mac and then I won't have to worry about these stupid viruses. :)

Posted by: Patricia at June 29, 2009 3:37 PM

How do you reformat a computer? Mine is a Dell... and I cannot get on the internet at all because I have a virus. Can you help me? Thanks

Posted by: ellie at September 2, 2009 4:08 PM

HOW DO I completely reformat the machine and reinstall the operating system, updates, applications and data from scratch?

Posted by: Daniel at September 16, 2009 1:23 PM
