Monday, November 07, 2011
Windows Virus - privacy.exe
Ugly weekend for me. As best I can tell, a virus, planted as privacy.exe, executed on my machine. It was one of those that makes it look like it’s a Windows Security file, makes it look like it’s finding tons of viruses with on-screen prompts, when it itself is the virus. I had one of these a year or two ago. (I may have blogged about it, and I used Malwarebytes to kill its cousin.)
Anyway, this one was worse, as it latched onto some key .exe files, including iexplore, the virus scanner files, etc. I was able to clean most of the computer, including manually going into the registry. I was able to back up all my data files to my laptop, through the network connection.
Then the weird part. I ran my virus scanner one more time, and it found more files that were infected. Avast moves it to its “chest”, and I can see the file names. None of them were “critical”. I researched each one. But, after that happened, I had no more network connection.
I tried to do a System Restore to earlier checkpoints, but they all came back with a message that Windows could NOT restore. I ran sfc /scannow, but it kept prompting me for the XP SP3 install disk, as well as XP CD2. My computer was pre-installed by Dell, and I just had the Dell installation disk. I copied the I386 folder from the install disk to my C drive. Re-running sfc /scannow, it stopped prompting for XP SP3 install disk (presumably, it liked the new I386 folder), but it still kept asking for XP CD2.
This is where I am at: everything works fine, except for my network / internet connection.
Investigating further, my options when I get home are:
1. Installing WinSockFix. This looks promising.
2. Get into Windows Safe mode, and then run System Restore. This looks reasonable.
One thing: I have a wireless keyboard, and those drivers must load late, because I can never press F8 to force myself into Windows Safe mode. My unusual solution to that is to simply power down, rather than doing a normal shutdown. Usually Windows recognizes that something unusual happened, and prompts me to log into Safe mode. If you have other suggestions, let me know.
3. I had also bought the Windows Vista upgrade. At the time, they were doing the switchover, so I was one of the last ones to buy XP. So, for an extra $10, they sent you the Vista upgrade disk. I was going to therefore do that upgrade.
Weirdly, when I tried the Dell assistant for that, it said that I couldn’t upgrade from XP. But, that’s exactly what the Vista upgrade disk was for. The only thing I can think of is that the XP I bought was a “Media Center”, and by now, since I’m at SP3, it may no longer qualify as upgradeable.
4. I didn’t know, but XP3 is available for download as an iso file. I’m not sure what that means yet. I was hoping that maybe I can turn that into an install disk, and then run sfc /scannow, and when it prompts for the XP SP3 install and the XP CD2 install disks, then I can just use that.
5. Worst-case, I simply start clean. I backed up all my data files and favorites. I will inventory all my apps to restore. And then, well, re-install the OS and everything else. Not something I particularly want to do, just so that I can get my internet connection working.
Alright, now that I’m here, I’d love to hear from you Straight Arrows. You’ve always been a tremendous help, and I need your words of wisdom.