Guest Sam05 Posted June 19, 2008 Posted June 19, 2008 Hello. My computer has been infected with a virus that changed all my configuration settings, removed all programs from the start menu, makes the C:/ partition invisible, and does not allow me to access virus removal software, or system restore. I keep receiving messages "from a self installed program" that my computer is infected and needs to be scanned by various programs eg., Privacy protector, spyware protection, error cleaner, all of which have been self-installed on my computer and keep connecting to the internet to bring me more ads about virus protection. Can anybody help me, please. Thanks, Sam. P.S. I tried a windows recovery disk that contains many antivirus and antispyware programs but they did not detect anything.
Guest Carey Frisch [MVP] Posted June 19, 2008 Posted June 19, 2008 Re: Virus/spyware Once your PC is infected with a computer virus or worm, your computer becomes compromised and nothing less than a reinstallation of the operating system is going to work. Yes, you can try to scan and eliminate the initial virus, but you generally cannot undo the damage caused by the virus to the system files. You'll need to reformat your hard drive and then reinstall your Windows operating system. Clean Install Windows XP http://www.michaelstevenstech.com/cleanxpinstall.html After restoring your system, consider installing a good antivirus program, such as Windows OneCare. You can try it absolutely FREE for 90 days. http://onecare.live.com/standard/en-us/default.htm -- Carey Frisch Microsoft MVP Windows Desktop Experience - Windows Vista Enthusiast --------------------------------------------------------------- "Sam05" <Sam05@discussions.microsoft.com> wrote in message news:B612EB60-60A2-400C-A92A-EFD23D1FE8E3@microsoft.com... Hello. My computer has been infected with a virus that changed all my configuration settings, removed all programs from the start menu, makes the C:/ partition invisible, and does not allow me to access virus removal software, or system restore. I keep receiving messages "from a self installed program" that my computer is infected and needs to be scanned by various programs eg., Privacy protector, spyware protection, error cleaner, all of which have been self-installed on my computer and keep connecting to the internet to bring me more ads about virus protection. Can anybody help me, please. Thanks, Sam. P.S. I tried a windows recovery disk that contains many antivirus and antispyware programs but they did not detect anything.
Guest Malke Posted June 19, 2008 Posted June 19, 2008 Re: Virus/spyware Sam05 wrote: > Hello. > My computer has been infected with a virus that changed all my > configuration settings, removed all programs from the start menu, makes > the C:/ partition invisible, and does not allow me to access virus removal > software, or system restore. I keep receiving messages "from a self > installed program" that my computer is infected and needs to be scanned by > various programs eg., Privacy protector, spyware protection, error > cleaner, all of which have been self-installed on my computer and keep > connecting to the internet to bring me more ads about virus protection. > Can anybody help me, please. > Thanks, Sam. > P.S. I tried a windows recovery disk that contains many antivirus and > antispyware programs but they did not detect anything. I don't usually agree with Carey Frisch on this issue because I don't think the first thing you do on an infected machine is flatten it, but in this case he and I are in complete agreement. Your machine is too badly compromised to save. If you haven't backed up your data, you can do it from a Linux Live CD or a Bart's PE. Make sure you scan anything you save with a current version antivirus using updated definitions before you put it back onto a clean system. After your data is safe, do a clean install of Windows. http://michaelstevenstech.com/cleanxpinstall.html - Clean Install How-To http://www.elephantboycomputers.com/page2.html#Reinstalling_Windows - What you will need on-hand Malke -- MS-MVP Elephant Boy Computers http://www.elephantboycomputers.com Don't Panic!
Guest Kayman Posted June 20, 2008 Posted June 20, 2008 Re: Virus/spyware On Thu, 19 Jun 2008 16:31:36 -0700, Malke wrote: <snip> >... I don't think the first thing you do on an infected machine is > flatten it, but in this case he and I are in complete agreement. > Your machine is too badly compromised to save. <snip> When should one flatten and when should one use AV scanner(s)? What is your criteria, please?
Guest Malke Posted June 20, 2008 Posted June 20, 2008 Re: Virus/spyware Kayman wrote: > On Thu, 19 Jun 2008 16:31:36 -0700, Malke wrote: > > <snip> >>... I don't think the first thing you do on an infected machine is >> flatten it, but in this case he and I are in complete agreement. >> Your machine is too badly compromised to save. > <snip> > > When should one flatten and when should one use AV scanner(s)? What is > your criteria, please? Sorry but can't give you a definitive answer. It depends on what the computer is infected with. You also reference "AV scanner(s)" and AV is only part of the story. Non-viral malware can be just as invasive and destructive as viruses. Malke -- MS-MVP Elephant Boy Computers http://www.elephantboycomputers.com Don't Panic!
Guest Leythos Posted June 20, 2008 Posted June 20, 2008 Re: Virus/spyware In article <#AUzMdu0IHA.2084@TK2MSFTNGP06.phx.gbl>, malke@invalid.invalid says... > Kayman wrote: > > > On Thu, 19 Jun 2008 16:31:36 -0700, Malke wrote: > > > > <snip> > >>... I don't think the first thing you do on an infected machine is > >> flatten it, but in this case he and I are in complete agreement. > >> Your machine is too badly compromised to save. > > <snip> > > > > When should one flatten and when should one use AV scanner(s)? What is > > your criteria, please? > > Sorry but can't give you a definitive answer. It depends on what the > computer is infected with. You also reference "AV scanner(s)" and AV is > only part of the story. Non-viral malware can be just as invasive and While this is no a popular answer, the answer is really simple, at least based on the question: When should one flatten? Any time a computer is compromised it's been compromised because the user doesn't know enough about security, about keeping safe. With that in mind it means that they are also not going to know enough about cleaning it or if it was actually cleaned. We can all accept the fact that no single tool cleans all malware. We can all accept that 0-day exploits are not detected nearly as well as we would like. We can all accept that there is no way for a "typical" user to be sure their system is 100.0% clean of malware. So, the proper answer to the question is, one should always flatten their compromised system, rebuild in a clean environment from clean media, and while doing so, they should learn about safety. To prove the point, having seen many residential systems that are compromised, I can assure you that after the second or third time they have to rebuild their computer that they get tired of the down-time and learn about keeping safe, at least the ones capable of learning do. So, yes, it's not popular, but, there is no single tool that can provide a 100.0% guarantee that a system is clean. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address)
Guest Kayman Posted June 21, 2008 Posted June 21, 2008 Re: Virus/spyware On Fri, 20 Jun 2008 11:38:13 -0400, Leythos wrote: > In article <#AUzMdu0IHA.2084@TK2MSFTNGP06.phx.gbl>, > malke@invalid.invalid says... >> Kayman wrote: >> >>> On Thu, 19 Jun 2008 16:31:36 -0700, Malke wrote: >>> >>> <snip> >>>>... I don't think the first thing you do on an infected machine is >>>> flatten it, but in this case he and I are in complete agreement. >>>> Your machine is too badly compromised to save. >>> <snip> >>> >>> When should one flatten and when should one use AV scanner(s)? What is >>> your criteria, please? >> >> Sorry but can't give you a definitive answer. It depends on what the >> computer is infected with. You also reference "AV scanner(s)" and AV is >> only part of the story. Non-viral malware can be just as invasive and > > While this is no a popular answer, the answer is really simple, at least > based on the question: > > When should one flatten? > > Any time a computer is compromised it's been compromised because the > user doesn't know enough about security, about keeping safe. With that > in mind it means that they are also not going to know enough about > cleaning it or if it was actually cleaned. > > We can all accept the fact that no single tool cleans all malware. > > We can all accept that 0-day exploits are not detected nearly as well as > we would like. > > We can all accept that there is no way for a "typical" user to be sure > their system is 100.0% clean of malware. > > So, the proper answer to the question is, one should always flatten > their compromised system, rebuild in a clean environment from clean > media, and while doing so, they should learn about safety. > > To prove the point, having seen many residential systems that are > compromised, I can assure you that after the second or third time they > have to rebuild their computer that they get tired of the down-time and > learn about keeping safe, at least the ones capable of learning do. > > So, yes, it's not popular, but, there is no single tool that can provide > a 100.0% guarantee that a system is clean. Alright then. Taking into consideration that nothing is 100% or perfect on this planet; If I understand you correctly than there is really no room for virus removal procedures such as recommended by Malke (page2), Bleeping Computer and/or David's Multi-AV. Is it *really* that cut and dry? If so, I am rather surprised that (IMO) procedures to rebuild the OS are not very well communicated to the average homeuser. And, for the average homeuser, rebuilding OS is probably too technical to comprehend/implement. It seems, if somebody could come up with a (relative) simple procedure to flatten/rebuild an OS (like: click, click, click - done :-)), AV scanners could be rendered obsolete and superfluous. BTW, I am not suggesting that flattening/rebuilding OS is complicated for the experienced user).
Recommended Posts