Jay H
Senior HTF Member
Hi Folks, spent the last night on the phone with a friend of mine trying to clean her laptop running WinXP of almost every spyware, virus known to man. Cashback, Navisearch, bargain, MyDoom, W32.bloodhound, Toolbar, etc. etc.
Since I am not familiar with XP that much 'cause I run Win2000 at home and at work, I wasn't familiar with how to disable System Restore. (I know that you're supposed to and I know how to now). Anyway, can somebody tell me how System Restore in XP works? From what I gather it's something similar to Win 2k "Last known good configuration" except that it stores multiple points of restoration rather than one. Also, you'll never use it unless there is a problem with bootup or something.
So far, so good, she's able to boot up without any problem after disinfecting a whole boatload of stuff via AVG Free, Spybot and Adaware. But I had to do this with System Restore on. I'm hoping that there isn't any kind of automatic fix that somehow could spring up and reinfect my friend's laptop.
I didn't want her to go online just yet for fear of reinfecting her (she had a bunch of trojan downloaders too) so I didn't want her to go look up how to disable SR. But I think she is at a point where it is safe for her to at least update the AD-Aware, Spybot to the latest definitions and rerun a full system scan. And I think she is safe enough now to email me a Hijackthis logfile so I can check it out myself. I know AVG did not find everything; she still has a couple spyware that I researched a bit and I can tell her how to remove it.
Assuming that everything is fine, how do I permanently delete anything that System Restore has saved, to make sure it is gone for good, and then I can turn SR back on so it saves a non-infected saveset?
She's already using Firefox and I'm going to set up Eudora once everything is OK so she can ditch Outlook Express. Then I can get her to install SP2 for XP and some other simple things...
Jay