I'm trying to help a friend who has apparently picked up a virus. He didn't have anti-virus software, so when he started noticing problems he bought Norton. By then it was too late; Norton will not install. I tried running Microsoft's safety scanner, but the installation just hung. I couldn't even install the necessary ActiveX controls. It appears that nothing will install.

I suspect that even if I can get rid of the virus(es), the system is probably too damaged to be useful. I'm considering just reinstalling from scratch, but I thought I'd see if there was any other alternative.

Any suggestions would be appreciated.

on the affected pc make sure all windows updates are installed. Many things will refuse to install if windows installer is not the 3.1 version or better


Your suggestion is a good one, but there really was a virus (8, or more, of them, to be more precise).

The computer belongs to the 14 year old son of a friend, and it had not been connected to the Internet until recently. So, the kid ignored the warnings that Norton 2003 (which came bundled with the machine) was due to expire. When he did connect the computer to the Internet, he had long forgotten about anti-virus until he started getting pop-ups. At this point, nothing would install.

I initially used msconfig to disable all non-Microsoft services and all startup programs. I then started the Windows Installer service manually, and ran the Microsoft Safety Scanner. The Safety Scanner found 8 viruses but couldn't clean 2 of them. It did clean up the registry, however, and I was able to apply all updates.

I then created a restore point and tried installing Norton again. The installation appeared to succeed, but Norton wouldn't start, and after the required reboot Internet access was blocked. I thought that perhaps a Norton-related service wasn't starting, so I re-enabled services and startup.

BIG MISTAKE! Whatever virus was still left immediately disabled the firewall, System Restore, and wiped all restore points.

At this point I figured I'd spent enough time on the system. I booted Knoppix and copied the user data to a USB drive, wiped the system, and reinstalled the OS from scratch.

This is a Compaq system with a recovery partition, and the owner of the system hadn't made recovery CDs. I was worried that the recovery partition had also been contaminated, but it had not been.


if you reinstalled the system youve probably killed the recovery partition (reinstalling the windows bootloader breaks the prompt)


I seem to recall that it is still there, but I'll confess that I didn't pay a lot of attention...



