How do I fix things on my computer left over from a virus?

by

If your computer is not completely restored... then you haven't removed the virus! I suggest a thorough course of action.
Question:

I have Windows XP desktop. I removed the smart virus, but there are changes
on my computer that the virus did and I can’t fix. With the Start menu, the
list of all programs is missing. Can I restore the list? Thank you for your
help.

In this excerpt from
Answercast #28, I look at the ramifications of having a virus on your
computer and how deep you need to go to get it clean again.

]]>
<![CDATA[

Cleaning up after a virus

So, the short answer is, “You didn’t remove the virus.”

I mean, you removed maybe the worst part of the virus. But, you certainly haven’t removed its side effects, its implications, and the things that it did to your system. So your removal is incomplete.

  • The problem is you still don’t know how incomplete that removal is!

What else is left?

That may imply that there are lots of other things on your system that the virus has left behind or has broken. You don’t know what they are!

My belief, and I’ve said this in multiple places:

  • Once your machine has been infected with a virus; it’s not your machine anymore.

That virus has essentially taken over and done things to your system… that you just don’t know. There’s no way to know either what it’s done or what you need to do to clean it up.

Restore to a backup

I do have an article, “How do I fix Windows after removing a virus?” It will go through a couple of different steps, but the bottom line is: if you want to be safe, there are exactly two approaches:

  • One is to restore to an image backup that you took before you were infected.

That’s quick, it’s easy. If you’ve got image backups, you’re safe once that’s done. That’s a fast way to remove the virus. It’s a fast way to know that you have removed not only the virus, but also any effects that it had on your system.

The problem, of course, is that most people don’t back up.

Reformat and reinstall

If you don’t have a backup; the only safe thing to do is:

  • Backup your system now (so that you don’t lose any files that you may have on the system that you care about);

  • Reformat;

  • Reinstall Windows;

  • Reinstall all your applications;

  • Reinstall your data;

  • And get on with your life.

If that sounds like a lot of work, it is. But it’s the only way to know that you have removed all traces of the virus and any side effects that thing has done.

Since it is so much work, I hope that you will learn from that and say, “You know what, maybe backups are worth the effort of setting up!”

Backups are the best way to save you from almost anything: including viruses and their aftereffects.

Next from Answercast 28 – Why is my download speed not what it should be?

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

2 comments on “How do I fix things on my computer left over from a virus?”

  1. Leo, I enjoy your articles. I agree with you that backups are important. Backup, backup, backup…

    There are ways to fix things and restoring to an image or reformatting and reinstalling isn’t always an option.

    I recommend browsing the BleepingComputer.com forums. Most of the the solutions that they have will recommend will include the use of ComboFix to solve a problem. Below is a basic guide on the how to use ComboFix. ComboFix is a VERY powerful utility. Just like anything else, proceed with caution.

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    There are moderators and will assist a person experiencing a problem and looking for help.

    BleepingComputer also has a free utility that called “unhide” that will help restore shortcuts that were deleted from the Start Menu, IF they are still in the user’s “%tmp%” directory. “unhide” will also change the file attributes to your entire “C drive” in the event that everything has been makes as the hidden attribute.

    There are other tools on their site that may help you.

    http://www.bleepingcomputer.com/download/windows/

    Another tool that I recommend if search results have been hijacked is TDSSKiller from Kaspersky.

    http://support.kaspersky.com/faq/?qid=208283363

    Reply

  2. Oh, I agree on the back up indeed. What I saw on your article on Image Backups was way over my head. I would rather just buy a flash drive and copy a specific set of files, even better a folder and be done. My CD won’t write and I cannot follow the directions for all of the backup suggestions, too complicated. Especially so when instructions say to go here or there and I don’t encounter what the directions say I’ll see. Now you instructions below this say “do not leave an email address, yet it says REQUIRED?

    You need to read instructions carefully. It says No Personal Information **in the comment**. The email address field that is required is not in the comment, and will not be published.

    Leo
    26-Jul-2012
    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Additional information is available at https://askleo.com/creative-commons-license/.