Found all folders and files had been set to hidden so can now view them and save to external HDD, just got to find the programs now. Advice still welcome please
First, see the link below and you'll note there are instructions for using an "unhide.exe" program at the end.. A number of the current malware types are "hiding" your personal files. The unhide.exe program should help.
It might be a good idea to follow ALL of the instructions there to make sure all things are clean.
And after all that, if you still can't run some of the programs in your system, try these steps:
Go to the link below and scroll down to line 12 (left column). RIGHT click on "EXE (lnk and regfile) Fix for Windows XP", choose "Save Target As " or "Save Link As", to download a reg file fix. Save the REG File to your hard disk. Double click it or right click it and choose "merge" and answer yes to the import prompt.
Hope this helps.
Many thanks for your very helpful advice. Yes the windows xp recovery was exactly the unwanted program I was infected with.
Unhide worked a treat but a number of links still broken and some programs not running correctly or at all.
I followed the instruction and followed the bleeping computer instructions, running the anti malware for the 3rd time discovered another malware object in the registry.
What beats me is there was a windows xp recovery icon on the desktop and windows recovery program in the all programs list and even when I ran the mcafee and antimalware scans they stil did not find them- I deleted manually because I assumed that the uninstall option was probably a catch. Dont know if I did right in doing this.
I installed secunia but it did not run as described- the welcome screen flashed up but then disappeared after a second or so.
I also had no luck with kellys korner - 404 not found error. Is this the malware again or is the site really no longer there?
Meanwhile system restore still not working. Wil run another scan now.
Many thanks for your advice - I would be lost without your help.
...then transfer it over to the problem machine.. Although the removal tools mentioned will work great, they aren't always perfect, especially if you have multiple malware infections on the machine. Frequently, you'll need to download some of the tools on a separate computer, copy them to a CD or flash drive, then transfer them to the infected computer..
And to get a "second opinion" on the topic, be sure to download, install, update, then run a full system scan using the second removal program below. As before, you may want to start the computer into "Safe Mode with Networking" to download, install, update, and run the full system scan.:
SUPERAntispyware Removal Tool
Hope this helps.
Thanks again, superantispyware found a couple more issues, the pc appears to be running fine now, some of the program folders in the list (those I never use like hardware utilities and games) are empty but they seem to return if I go into control panel, search for installed programs and use the repair option where there is one.
Theres a few things not quite right such as several icons missing from the notifications area of the task bar - network connections only show up if I disconnect then reconnect (the boxes are checked in properties).
I have not been able to download the registry fix from kellys korner on any pc there does seem to be a problem with the link. Is there any other recommendation you can give?
I still cannot use system restore to go to the condition prior to the infection but the restore program does work in that I can set a new restore point now and use it.
I an considering checking to see if I am offered the option to repair windows if I put in the original OS disk. Would this be a good idea do you think?
Thanks once again for your help. I could not have resolved this without your advice and support.
1. I still cannot use system restore to go to the condition prior to the
infection but the restore program does work in that I can set a new
restore point now and use it.
Here's my vote: Turn off System Restore then turn it back on. It will dump the old unusable restore points and give SR a fresh start. REMEMBER THAT NORTON can block SR. Symantac writes about that on their site.
2. I an considering checking to see
if I am offered the option to repair windows if I put in the original
OS disk. Would this be a good idea do you think?
I don't suggest this. Most folk are not prepared for the usual vanishing of their files in the usual ONE USER ACCOUNT they have. Without backup, the XP CD, and sometimes the loss of that XP CD KEY many make matters worse (and more expensive to fix) by doing this.
-> HERE'S WHAT I SUGGEST: Go get BELARC ADVISOR, run it's report and PRINT IT OUT! That report is GOLD because it has those missing details such as CD KEYS and more.
That the damage they can do is "unknown." Many are remove control things so it's not possible to write a "do this" to cure the installed OS. Yes it is possible to write "backup your stuff and reinstall the OS" but many already know that answer.
Recovery of the installed OS is rarely possible for the non-tech. I suggest you re-think the idea of fixing this OS.