January 22, 2005 4:45am

Owen,

The System Restore has been disabled this entire time. That was the first thing I did when I started to work on this problem. I did reboot the computer, but have not re-enabled the system restore feature.

Now, with the system restore still disabled, I ran through another scan on Housecall. It found 651 files, all in the C:\_RESTORE\TEMP folder, with the TROJ_AGENT.FR virus that it cannot clean.

I also ran through, with updated signatures, a Norton anti-virus scan. It found nothing.

Can I just select all files/folders in the _RESTORE folder and delete them from the computer? Will this mess up the System Restore feature once it is turned back on? OR Is there a way to clear out all the old system restore stuff (files, etc) as to put the computer back to a clean start, as though this would be a first time starting the computer?

If all I need to do is re-enable the system restore that is great, but I want these files off the computer completely as to not allow even the most remote possibility of getting the virus to infect other files again.

As for the processing speed - well so far I think things are still slow. I tried to open MS Word and the program hung - had to CTRL-ALT-DEL and end the task. I am not convinced that it is working much better yet. I am going to Trend Micro’s site and getting the clean procedures for the virus found in those files I mentioned earlier. Maybe there is still a registry entry and or other things that are interfering. I am not quite sure. Maybe some of the problem is with the way I have the Internet connected at this time, too. I have moved the computer to my house and connected to my internal LAN using a connection to my router and Roadrunner High Speed Internet access. Not sure if it will perform better back at my niece's place connected back up with the SBC Global DSL. From all my years of experience with computers, I don't think this should be any type of an issue. So that is why I am going to look into it further.

You have been of GREAT help to me. I am not very familiar with the HiJackThis program and am also very leery of deleting things in the registry. I am getting more comfortable with all of that as I have had a need to dig deep within the registry at my job. But I have also hose-up many of computers there, also. Just a stupid fear I guess.

Anyway. If you have any further hints, tips, and/or tricks that you would like to share with me, I would greatly appreciate it.

You are wonderful for helping people clean up the messes that these darn viruses cause. I cannot say enough of that except THANK YOU, THANK YOU, THANK YOU, THANK YOU!

Amy Biese

January 22, 2005 6:10am
I FOUND IT!!! (I hope) I went out on TrendMicro's site and searched their knowledge base for infected files in the _RESTORE folder. I found a TID that explains how that system restore works and how to clean out the files in there both automatically or manually. I will try this later today and let you know what happens.

January 22, 2005 10:30am

Owen,

It appears that the instructions I found were exactly what you were telling me to do. Sorry for doubting that what you were saying would work. I turned the System Restore back on and tested the computer on my network. Things seem to be working fine. I will be placing it back at my niece's house this afternoon, we will see how it works with the DSL.

Have you heard anything in regards to Windows ME and DSL having problems playing together? You know slowness that starts out small and then just keeps on progressing until the computer will not function properly.

I am thinking that the slowness is usually caused by the introduction of viruses and spyware into the computer. But just wanted another opinion.

Thanks again. I will definately talk to you again if I am in another pinch with a computer. You were a great help.
Amy Biese

Yep, the System Restore was exactly where the problem was led.

What I can really suggest to perhaps help you speed up the Windows Me PC is read the Speeding Up and Cleaning Up info at the top of the forum. This thread is very long but should be quite informative. Also read this:

Preventing it returning

After your problem has been resolved on the forum, it is an absoulute MUST to do the following steps to prevent the problem returning. Click on the link to get access to the software or webpage that I'm referring to.

1. Visit Windows Update
Pay a visit to Windows Update and scan for and download ALL Critical Updates and Service Packs. New updates are usually released monthly so check back to Windows Update every month.

2. Download Antivirus Software-
If you haven't already got Antivirus software, you should download and install AVG Antivirus. It is freeware and is updated nearly every 2 days (sometimes more frequently if there are a lot of new viruses) and in my opinion, is better than some Antivirus software such as Norton. Antivirus software will prevent viruses infecting your system and it is important that you update it every two days or every week at the most.

3. Download a Firewall-
If you haven't already got a firewall, it is Very important that you download one. Firewalls will prevent unauthorised access to your computer and stop data leaking out of your computer. You may think that it won't happen to you, but Hackers don't care who you are, what you do, where you live or what you had for tea last Sunday on your holiday in the Lake District, they want your data. Firewalls will keep these sneaks out and one of the best is Sygate Personal Firewall, which happens to be freeware.

4. Spyware Scanners-
It is important that as well as having real time spyware protection, you have a spyware scanning application. If you have not already been told to download one earlier in this thread, it is a good idea to download Spybot Search And Destroy and Ad-aware. They are both spyware scanners and will search for a remove spyware. It is recommended that you have both, because one will pick up entries that the other misses. It is even a good idea to download these if you have other programs such as ASE, Spysweeper, Pest Patrol, etc, because one spyware scanner will not pick up everything. Please remember to update your spyware scanners weekly/fortnightly.

5. Prevent Spyware slipping through Internet Explorer-
Quite a lot of spyware slips through Internet Explorer if your settings are not tight enough. Spyware Blaster will help you prevent spyware slipping through and installing tracking cookies. Simply run it via Start> Programs> Spyware Blaster and click Enable All Protection and it will protect you. It doesn't even have to be open! Remember to update weekly/fortnightly.

6. Constant Spyware Protection-
It is important to have constant spyware protection. Spyware Guard works like an antivirus program but detects Spyware instead. It will constantly protect your system. Check for updates monthly.

All Of these steps are very important and it is HIGHLY recommended that you download all of the programs mentioned for your own safety. Remember to Update everything (including Windows using Windows Update)! It is also a good idea to perform weekly/fortnightly scans with Spybot S&D, Ad-aware and your antivirus software.

And last of all, please remember, that common sense is your greatest tool. Without it, spyware and other related Malware would rule!

Thank you Owen. We have loaded all Windows Critical updates, anti-virus and spyware software on the computer. Just not a firewall. Not sure which one to get but will research it.

Thank you for all your help. I will be contacting you in the future, if that is okay, if I run into anything else that causes me problems that I am not able to figure out.

Amy