XP Pro system restore blocked by malware

Archived from groups: microsoft.public.windowsxp.basics (More info?)

I inadvertently left my anti-virus disabled the other day on my Windows XP
Pro computer and downloaded malware from a web page. This malware installed
itself on my PC without my permission.

I was able to remove most of it by running the anti-virus scanner with XP in
safe mode.

However one file is particularly stubborn and will not be removed.

So I restarted in safe mode and attempted to do a System Restore to an
earlier point prior to my malware infection.

I restarted in safe mode and logged in as Administrator however the restore
continues to fail. It seems like a portion of the malware loads even in
safe mode and interferes with the System Restore function.

My question: how can I boot XP Pro system into safe mode to run the system
restore successfully? Can I do it from the (writeprotected) XP setup discs
or an XP start up disc? I would just like to restore the system back to the
state of last Thursday:-) I got this problem this morning around 7 am and
this has turned out to be a rather long and tiring day:-)

Thanks a lot:-)
8 answers Last reply
More about system restore blocked malware
  1. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    You might be able to run System Restore before Safe Mode completely loads by
    using the following:
    1 Re-boot your PC
    2 As the PC is booting up keep tapping the F8 button
    3 When the Option Menu appears on screen select the Safe Mode with Command
    prompt option
    4 At the safe mode command prompt type:
    %systemroot%\System32\restore\rstrui.exe
    5 System Restore will now open and you can choose the relevant restore point

    --

    Harry Ohrn MS-MVP [Shell/User]
    www.webtree.ca/windowsxp


    "Online Traveller" <user@server.ca> wrote in message
    news:tSdde.2876$VL3.81097@news20.bellglobal.com...
    >I inadvertently left my anti-virus disabled the other day on my Windows XP
    > Pro computer and downloaded malware from a web page. This malware
    > installed
    > itself on my PC without my permission.
    >
    > I was able to remove most of it by running the anti-virus scanner with XP
    > in
    > safe mode.
    >
    > However one file is particularly stubborn and will not be removed.
    >
    > So I restarted in safe mode and attempted to do a System Restore to an
    > earlier point prior to my malware infection.
    >
    > I restarted in safe mode and logged in as Administrator however the
    > restore
    > continues to fail. It seems like a portion of the malware loads even in
    > safe mode and interferes with the System Restore function.
    >
    > My question: how can I boot XP Pro system into safe mode to run the
    > system
    > restore successfully? Can I do it from the (writeprotected) XP setup
    > discs
    > or an XP start up disc? I would just like to restore the system back to
    > the
    > state of last Thursday:-) I got this problem this morning around 7 am and
    > this has turned out to be a rather long and tiring day:-)
    >
    > Thanks a lot:-)
    >
    >
  2. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    Thanks for your suggestion but it didn't work. I used your method and
    systematically tried every restore point I had. I went right back to April
    1st :-)

    I keep getting Restoration Incomplete.

    I really don't want to re-install XP as I'm so busy right now. Having to
    reinstall XP now and all my programs would really be a great hardship for me
    at this point, but I guess that is what the virus writers do only hope for
    :-)

    Is there any way around this?

    Thanks a lot :-)

    PS:

    The folder causing me all this heartache is in the windows folder and the
    name of it is isrvs. My anti-virus program says to delete it but I refuses
    to be deleted. The two dll files that refuse to leave my life are
    mfiltis.dll and clientax.dll. This is bad and very virulent stuff, it would
    appear.


    "Harry Ohrn" <harry---@webtree.ca> wrote in message
    news:OIbLAerTFHA.2908@TK2MSFTNGP10.phx.gbl...
    > You might be able to run System Restore before Safe Mode completely loads
    by
    > using the following:
    > 1 Re-boot your PC
    > 2 As the PC is booting up keep tapping the F8 button
    > 3 When the Option Menu appears on screen select the Safe Mode with Command
    > prompt option
    > 4 At the safe mode command prompt type:
    > %systemroot%\System32\restore\rstrui.exe
    > 5 System Restore will now open and you can choose the relevant restore
    point
    >
    > --
    >
    > Harry Ohrn MS-MVP [Shell/User]
    > www.webtree.ca/windowsxp
    >
    >
    > "Online Traveller" <user@server.ca> wrote in message
    > news:tSdde.2876$VL3.81097@news20.bellglobal.com...
    > >I inadvertently left my anti-virus disabled the other day on my Windows
    XP
    > > Pro computer and downloaded malware from a web page. This malware
    > > installed
    > > itself on my PC without my permission.
    > >
    > > I was able to remove most of it by running the anti-virus scanner with
    XP
    > > in
    > > safe mode.
    > >
    > > However one file is particularly stubborn and will not be removed.
    > >
    > > So I restarted in safe mode and attempted to do a System Restore to an
    > > earlier point prior to my malware infection.
    > >
    > > I restarted in safe mode and logged in as Administrator however the
    > > restore
    > > continues to fail. It seems like a portion of the malware loads even in
    > > safe mode and interferes with the System Restore function.
    > >
    > > My question: how can I boot XP Pro system into safe mode to run the
    > > system
    > > restore successfully? Can I do it from the (writeprotected) XP setup
    > > discs
    > > or an XP start up disc? I would just like to restore the system back to
    > > the
    > > state of last Thursday:-) I got this problem this morning around 7 am
    and
    > > this has turned out to be a rather long and tiring day:-)
    > >
    > > Thanks a lot:-)
    > >
    > >
    >
    >
  3. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    Online Traveller wrote:
    > Thanks for your suggestion but it didn't work. I used your method and
    > systematically tried every restore point I had. I went right back to
    > April 1st :-)
    >
    > I keep getting Restoration Incomplete.
    >
    > I really don't want to re-install XP as I'm so busy right now.
    > Having to reinstall XP now and all my programs would really be a
    > great hardship for me at this point, but I guess that is what the
    > virus writers do only hope for :-)
    >
    > Is there any way around this?
    >
    > Thanks a lot :-)
    >
    > PS:
    >
    > The folder causing me all this heartache is in the windows folder and
    > the name of it is isrvs. My anti-virus program says to delete it but
    > I refuses to be deleted. The two dll files that refuse to leave my
    > life are mfiltis.dll and clientax.dll. This is bad and very virulent
    > stuff, it would appear.

    Use HijackThis to remove it.

    --
    <- Shenan ->
    --
    The information is provided "as is", it is suggested you research for
    yourself before you take any advice - you are the one ultimately
    responsible for your actions/problems/solutions. Know what you are
    getting into before you jump in with both feet.
  4. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    Unfortunately once System Restore points are corrupt there is no way to
    repair them. You may wish to visit one of the sites dedicated to removal of
    spyware/malware and the likes. An excellent resource is found here
    http://aumha.org/win5/a/parasite.htm Jim Eshelman also has a forum which
    really should be helpful to you
    http://aumha.net/viewforum.php?f=28&sid=af5cda8b56e8f372951fcc1c73ba5e1b

    --

    Harry Ohrn MS-MVP [Shell/User]
    www.webtree.ca/windowsxp


    "Online Traveller" <user@server.ca> wrote in message
    news:hcide.3071$VL3.131033@news20.bellglobal.com...
    > Thanks for your suggestion but it didn't work. I used your method and
    > systematically tried every restore point I had. I went right back to
    > April
    > 1st :-)
    >
    > I keep getting Restoration Incomplete.
    >
    > I really don't want to re-install XP as I'm so busy right now. Having to
    > reinstall XP now and all my programs would really be a great hardship for
    > me
    > at this point, but I guess that is what the virus writers do only hope for
    > :-)
    >
    > Is there any way around this?
    >
    > Thanks a lot :-)
    >
    > PS:
    >
    > The folder causing me all this heartache is in the windows folder and the
    > name of it is isrvs. My anti-virus program says to delete it but I
    > refuses
    > to be deleted. The two dll files that refuse to leave my life are
    > mfiltis.dll and clientax.dll. This is bad and very virulent stuff, it
    > would
    > appear.
    >
    >
    >
    >
    > "Harry Ohrn" <harry---@webtree.ca> wrote in message
    > news:OIbLAerTFHA.2908@TK2MSFTNGP10.phx.gbl...
    >> You might be able to run System Restore before Safe Mode completely loads
    > by
    >> using the following:
    >> 1 Re-boot your PC
    >> 2 As the PC is booting up keep tapping the F8 button
    >> 3 When the Option Menu appears on screen select the Safe Mode with
    >> Command
    >> prompt option
    >> 4 At the safe mode command prompt type:
    >> %systemroot%\System32\restore\rstrui.exe
    >> 5 System Restore will now open and you can choose the relevant restore
    > point
    >>
    >> --
    >>
    >> Harry Ohrn MS-MVP [Shell/User]
    >> www.webtree.ca/windowsxp
    >>
    >>
    >> "Online Traveller" <user@server.ca> wrote in message
    >> news:tSdde.2876$VL3.81097@news20.bellglobal.com...
    >> >I inadvertently left my anti-virus disabled the other day on my Windows
    > XP
    >> > Pro computer and downloaded malware from a web page. This malware
    >> > installed
    >> > itself on my PC without my permission.
    >> >
    >> > I was able to remove most of it by running the anti-virus scanner with
    > XP
    >> > in
    >> > safe mode.
    >> >
    >> > However one file is particularly stubborn and will not be removed.
    >> >
    >> > So I restarted in safe mode and attempted to do a System Restore to an
    >> > earlier point prior to my malware infection.
    >> >
    >> > I restarted in safe mode and logged in as Administrator however the
    >> > restore
    >> > continues to fail. It seems like a portion of the malware loads even
    >> > in
    >> > safe mode and interferes with the System Restore function.
    >> >
    >> > My question: how can I boot XP Pro system into safe mode to run the
    >> > system
    >> > restore successfully? Can I do it from the (writeprotected) XP setup
    >> > discs
    >> > or an XP start up disc? I would just like to restore the system back
    >> > to
    >> > the
    >> > state of last Thursday:-) I got this problem this morning around 7 am
    > and
    >> > this has turned out to be a rather long and tiring day:-)
    >> >
    >> > Thanks a lot:-)
    >> >
    >> >
    >>
    >>
    >
  5. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    Some nasties prevent System Restore from running properly.. others allow
    System Restore to complete only because they have embedded into SR ready to
    propagate at the first available opportunity..

    You would do well to remove all restore points..

    --
    Mike Hall
    MVP - Windows Shell/user

    http://dts-l.org/goodpost.htm


    "Online Traveller" <user@server.ca> wrote in message
    news:hcide.3071$VL3.131033@news20.bellglobal.com...
    > Thanks for your suggestion but it didn't work. I used your method and
    > systematically tried every restore point I had. I went right back to
    > April
    > 1st :-)
    >
    > I keep getting Restoration Incomplete.
    >
    > I really don't want to re-install XP as I'm so busy right now. Having to
    > reinstall XP now and all my programs would really be a great hardship for
    > me
    > at this point, but I guess that is what the virus writers do only hope for
    > :-)
    >
    > Is there any way around this?
    >
    > Thanks a lot :-)
    >
    > PS:
    >
    > The folder causing me all this heartache is in the windows folder and the
    > name of it is isrvs. My anti-virus program says to delete it but I
    > refuses
    > to be deleted. The two dll files that refuse to leave my life are
    > mfiltis.dll and clientax.dll. This is bad and very virulent stuff, it
    > would
    > appear.
    >
    >
    >
    >
    > "Harry Ohrn" <harry---@webtree.ca> wrote in message
    > news:OIbLAerTFHA.2908@TK2MSFTNGP10.phx.gbl...
    >> You might be able to run System Restore before Safe Mode completely loads
    > by
    >> using the following:
    >> 1 Re-boot your PC
    >> 2 As the PC is booting up keep tapping the F8 button
    >> 3 When the Option Menu appears on screen select the Safe Mode with
    >> Command
    >> prompt option
    >> 4 At the safe mode command prompt type:
    >> %systemroot%\System32\restore\rstrui.exe
    >> 5 System Restore will now open and you can choose the relevant restore
    > point
    >>
    >> --
    >>
    >> Harry Ohrn MS-MVP [Shell/User]
    >> www.webtree.ca/windowsxp
    >>
    >>
    >> "Online Traveller" <user@server.ca> wrote in message
    >> news:tSdde.2876$VL3.81097@news20.bellglobal.com...
    >> >I inadvertently left my anti-virus disabled the other day on my Windows
    > XP
    >> > Pro computer and downloaded malware from a web page. This malware
    >> > installed
    >> > itself on my PC without my permission.
    >> >
    >> > I was able to remove most of it by running the anti-virus scanner with
    > XP
    >> > in
    >> > safe mode.
    >> >
    >> > However one file is particularly stubborn and will not be removed.
    >> >
    >> > So I restarted in safe mode and attempted to do a System Restore to an
    >> > earlier point prior to my malware infection.
    >> >
    >> > I restarted in safe mode and logged in as Administrator however the
    >> > restore
    >> > continues to fail. It seems like a portion of the malware loads even
    >> > in
    >> > safe mode and interferes with the System Restore function.
    >> >
    >> > My question: how can I boot XP Pro system into safe mode to run the
    >> > system
    >> > restore successfully? Can I do it from the (writeprotected) XP setup
    >> > discs
    >> > or an XP start up disc? I would just like to restore the system back
    >> > to
    >> > the
    >> > state of last Thursday:-) I got this problem this morning around 7 am
    > and
    >> > this has turned out to be a rather long and tiring day:-)
    >> >
    >> > Thanks a lot:-)
    >> >
    >> >
    >>
    >>
    >
  6. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    Thank you very much for your help, I do appreciate it :-) I will
    investigate those links.

    "Harry Ohrn" <harry---@webtree.ca> wrote in message
    news:OhDvHstTFHA.2420@TK2MSFTNGP12.phx.gbl...
    > Unfortunately once System Restore points are corrupt there is no way to
    > repair them. You may wish to visit one of the sites dedicated to removal
    of
    > spyware/malware and the likes. An excellent resource is found here
    > http://aumha.org/win5/a/parasite.htm Jim Eshelman also has a forum which
    > really should be helpful to you
    > http://aumha.net/viewforum.php?f=28&sid=af5cda8b56e8f372951fcc1c73ba5e1b
    >
    > --
    >
    > Harry Ohrn MS-MVP [Shell/User]
    > www.webtree.ca/windowsxp
    >
    >
    > "Online Traveller" <user@server.ca> wrote in message
    > news:hcide.3071$VL3.131033@news20.bellglobal.com...
    > > Thanks for your suggestion but it didn't work. I used your method and
    > > systematically tried every restore point I had. I went right back to
    > > April
    > > 1st :-)
    > >
    > > I keep getting Restoration Incomplete.
    > >
    > > I really don't want to re-install XP as I'm so busy right now. Having
    to
    > > reinstall XP now and all my programs would really be a great hardship
    for
    > > me
    > > at this point, but I guess that is what the virus writers do only hope
    for
    > > :-)
    > >
    > > Is there any way around this?
    > >
    > > Thanks a lot :-)
    > >
    > > PS:
    > >
    > > The folder causing me all this heartache is in the windows folder and
    the
    > > name of it is isrvs. My anti-virus program says to delete it but I
    > > refuses
    > > to be deleted. The two dll files that refuse to leave my life are
    > > mfiltis.dll and clientax.dll. This is bad and very virulent stuff, it
    > > would
    > > appear.
    > >
    > >
    > >
    > >
    > > "Harry Ohrn" <harry---@webtree.ca> wrote in message
    > > news:OIbLAerTFHA.2908@TK2MSFTNGP10.phx.gbl...
    > >> You might be able to run System Restore before Safe Mode completely
    loads
    > > by
    > >> using the following:
    > >> 1 Re-boot your PC
    > >> 2 As the PC is booting up keep tapping the F8 button
    > >> 3 When the Option Menu appears on screen select the Safe Mode with
    > >> Command
    > >> prompt option
    > >> 4 At the safe mode command prompt type:
    > >> %systemroot%\System32\restore\rstrui.exe
    > >> 5 System Restore will now open and you can choose the relevant restore
    > > point
    > >>
    > >> --
    > >>
    > >> Harry Ohrn MS-MVP [Shell/User]
    > >> www.webtree.ca/windowsxp
    > >>
    > >>
    > >> "Online Traveller" <user@server.ca> wrote in message
    > >> news:tSdde.2876$VL3.81097@news20.bellglobal.com...
    > >> >I inadvertently left my anti-virus disabled the other day on my
    Windows
    > > XP
    > >> > Pro computer and downloaded malware from a web page. This malware
    > >> > installed
    > >> > itself on my PC without my permission.
    > >> >
    > >> > I was able to remove most of it by running the anti-virus scanner
    with
    > > XP
    > >> > in
    > >> > safe mode.
    > >> >
    > >> > However one file is particularly stubborn and will not be removed.
    > >> >
    > >> > So I restarted in safe mode and attempted to do a System Restore to
    an
    > >> > earlier point prior to my malware infection.
    > >> >
    > >> > I restarted in safe mode and logged in as Administrator however the
    > >> > restore
    > >> > continues to fail. It seems like a portion of the malware loads even
    > >> > in
    > >> > safe mode and interferes with the System Restore function.
    > >> >
    > >> > My question: how can I boot XP Pro system into safe mode to run the
    > >> > system
    > >> > restore successfully? Can I do it from the (writeprotected) XP setup
    > >> > discs
    > >> > or an XP start up disc? I would just like to restore the system back
    > >> > to
    > >> > the
    > >> > state of last Thursday:-) I got this problem this morning around 7
    am
    > > and
    > >> > this has turned out to be a rather long and tiring day:-)
    > >> >
    > >> > Thanks a lot:-)
    > >> >
    > >> >
    > >>
    > >>
    > >
    >
    >
  7. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    You're welcome and good luck.

    --

    Harry Ohrn MS-MVP [Shell/User]
    www.webtree.ca/windowsxp


    "Online Traveller" <user@server.ca> wrote in message
    news:SNjde.777$3U.197887@news20.bellglobal.com...
    > Thank you very much for your help, I do appreciate it :-) I will
    > investigate those links.
    >
    > "Harry Ohrn" <harry---@webtree.ca> wrote in message
    > news:OhDvHstTFHA.2420@TK2MSFTNGP12.phx.gbl...
    >> Unfortunately once System Restore points are corrupt there is no way to
    >> repair them. You may wish to visit one of the sites dedicated to removal
    > of
    >> spyware/malware and the likes. An excellent resource is found here
    >> http://aumha.org/win5/a/parasite.htm Jim Eshelman also has a forum which
    >> really should be helpful to you
    >> http://aumha.net/viewforum.php?f=28&sid=af5cda8b56e8f372951fcc1c73ba5e1b
    >>
    >> --
    >>
    >> Harry Ohrn MS-MVP [Shell/User]
    >> www.webtree.ca/windowsxp
    >>
    >>
    >> "Online Traveller" <user@server.ca> wrote in message
    >> news:hcide.3071$VL3.131033@news20.bellglobal.com...
    >> > Thanks for your suggestion but it didn't work. I used your method and
    >> > systematically tried every restore point I had. I went right back to
    >> > April
    >> > 1st :-)
    >> >
    >> > I keep getting Restoration Incomplete.
    >> >
    >> > I really don't want to re-install XP as I'm so busy right now. Having
    > to
    >> > reinstall XP now and all my programs would really be a great hardship
    > for
    >> > me
    >> > at this point, but I guess that is what the virus writers do only hope
    > for
    >> > :-)
    >> >
    >> > Is there any way around this?
    >> >
    >> > Thanks a lot :-)
    >> >
    >> > PS:
    >> >
    >> > The folder causing me all this heartache is in the windows folder and
    > the
    >> > name of it is isrvs. My anti-virus program says to delete it but I
    >> > refuses
    >> > to be deleted. The two dll files that refuse to leave my life are
    >> > mfiltis.dll and clientax.dll. This is bad and very virulent stuff, it
    >> > would
    >> > appear.
    >> >
    >> >
    >> >
    >> >
    >> > "Harry Ohrn" <harry---@webtree.ca> wrote in message
    >> > news:OIbLAerTFHA.2908@TK2MSFTNGP10.phx.gbl...
    >> >> You might be able to run System Restore before Safe Mode completely
    > loads
    >> > by
    >> >> using the following:
    >> >> 1 Re-boot your PC
    >> >> 2 As the PC is booting up keep tapping the F8 button
    >> >> 3 When the Option Menu appears on screen select the Safe Mode with
    >> >> Command
    >> >> prompt option
    >> >> 4 At the safe mode command prompt type:
    >> >> %systemroot%\System32\restore\rstrui.exe
    >> >> 5 System Restore will now open and you can choose the relevant restore
    >> > point
    >> >>
    >> >> --
    >> >>
    >> >> Harry Ohrn MS-MVP [Shell/User]
    >> >> www.webtree.ca/windowsxp
    >> >>
    >> >>
    >> >> "Online Traveller" <user@server.ca> wrote in message
    >> >> news:tSdde.2876$VL3.81097@news20.bellglobal.com...
    >> >> >I inadvertently left my anti-virus disabled the other day on my
    > Windows
    >> > XP
    >> >> > Pro computer and downloaded malware from a web page. This malware
    >> >> > installed
    >> >> > itself on my PC without my permission.
    >> >> >
    >> >> > I was able to remove most of it by running the anti-virus scanner
    > with
    >> > XP
    >> >> > in
    >> >> > safe mode.
    >> >> >
    >> >> > However one file is particularly stubborn and will not be removed.
    >> >> >
    >> >> > So I restarted in safe mode and attempted to do a System Restore to
    > an
    >> >> > earlier point prior to my malware infection.
    >> >> >
    >> >> > I restarted in safe mode and logged in as Administrator however the
    >> >> > restore
    >> >> > continues to fail. It seems like a portion of the malware loads
    >> >> > even
    >> >> > in
    >> >> > safe mode and interferes with the System Restore function.
    >> >> >
    >> >> > My question: how can I boot XP Pro system into safe mode to run the
    >> >> > system
    >> >> > restore successfully? Can I do it from the (writeprotected) XP
    >> >> > setup
    >> >> > discs
    >> >> > or an XP start up disc? I would just like to restore the system
    >> >> > back
    >> >> > to
    >> >> > the
    >> >> > state of last Thursday:-) I got this problem this morning around 7
    > am
    >> > and
    >> >> > this has turned out to be a rather long and tiring day:-)
    >> >> >
    >> >> > Thanks a lot:-)
    >> >> >
    >> >> >
    >> >>
    >> >>
    >> >
    >>
    >>
    >
  8. Archived from groups: microsoft.public.windowsxp.basics (More info?)

    Thanks again for the links to the spyware removal tools. I was able to
    remove everything in this trojan infestation but not paytime.exe and
    clientax.dll Adware 180 Search so these 2 files appear to be the most
    virulent pests:-)

    If anyone has any experience removing these two criters, please share your
    experience with me:-)

    When I right click paytime.exe and choose scan with Norton anti-virus Norton
    anti-virus doesn't seem to know that this is a virus file. My virus
    definitions are up-to-date. Then when I do a full system scan Norton
    anti-virus tells me it needs to delete clientax.dll so I choose to delete it
    within Norton and Norton then says file delete failed.

    The path to clientax.dll is "c:\Windows\Downloaded Program Files" however
    this dll file is not visible in that folder when I open the folder.

    So I'm thinking my next step should be to highlight the
    "c:\!Submit\paytime.exe" file in the Killbox program and check "delete on
    reboot" and also check "end explorer shell while killing file". I'm hoping
    this will do the trick. Does this sound reasonable?

    Thanks a lot:-)


    "Harry Ohrn" <harry---@webtree.ca> wrote in message
    news:ejIq$mxTFHA.1600@TK2MSFTNGP10.phx.gbl...
    > You're welcome and good luck.
    >
    > --
    >
    > Harry Ohrn MS-MVP [Shell/User]
    > www.webtree.ca/windowsxp
    >
    >
    > "Online Traveller" <user@server.ca> wrote in message
    > news:SNjde.777$3U.197887@news20.bellglobal.com...
    > > Thank you very much for your help, I do appreciate it :-) I will
    > > investigate those links.
    > >
    > > "Harry Ohrn" <harry---@webtree.ca> wrote in message
    > > news:OhDvHstTFHA.2420@TK2MSFTNGP12.phx.gbl...
    > >> Unfortunately once System Restore points are corrupt there is no way to
    > >> repair them. You may wish to visit one of the sites dedicated to
    removal
    > > of
    > >> spyware/malware and the likes. An excellent resource is found here
    > >> http://aumha.org/win5/a/parasite.htm Jim Eshelman also has a forum
    which
    > >> really should be helpful to you
    > >>
    http://aumha.net/viewforum.php?f=28&sid=af5cda8b56e8f372951fcc1c73ba5e1b
    > >>
    > >> --
    > >>
    > >> Harry Ohrn MS-MVP [Shell/User]
    > >> www.webtree.ca/windowsxp
    > >>
    > >>
    > >> "Online Traveller" <user@server.ca> wrote in message
    > >> news:hcide.3071$VL3.131033@news20.bellglobal.com...
    > >> > Thanks for your suggestion but it didn't work. I used your method
    and
    > >> > systematically tried every restore point I had. I went right back to
    > >> > April
    > >> > 1st :-)
    > >> >
    > >> > I keep getting Restoration Incomplete.
    > >> >
    > >> > I really don't want to re-install XP as I'm so busy right now.
    Having
    > > to
    > >> > reinstall XP now and all my programs would really be a great hardship
    > > for
    > >> > me
    > >> > at this point, but I guess that is what the virus writers do only
    hope
    > > for
    > >> > :-)
    > >> >
    > >> > Is there any way around this?
    > >> >
    > >> > Thanks a lot :-)
    > >> >
    > >> > PS:
    > >> >
    > >> > The folder causing me all this heartache is in the windows folder and
    > > the
    > >> > name of it is isrvs. My anti-virus program says to delete it but I
    > >> > refuses
    > >> > to be deleted. The two dll files that refuse to leave my life are
    > >> > mfiltis.dll and clientax.dll. This is bad and very virulent stuff,
    it
    > >> > would
    > >> > appear.
    > >> >
    > >> >
    > >> >
    > >> >
    > >> > "Harry Ohrn" <harry---@webtree.ca> wrote in message
    > >> > news:OIbLAerTFHA.2908@TK2MSFTNGP10.phx.gbl...
    > >> >> You might be able to run System Restore before Safe Mode completely
    > > loads
    > >> > by
    > >> >> using the following:
    > >> >> 1 Re-boot your PC
    > >> >> 2 As the PC is booting up keep tapping the F8 button
    > >> >> 3 When the Option Menu appears on screen select the Safe Mode with
    > >> >> Command
    > >> >> prompt option
    > >> >> 4 At the safe mode command prompt type:
    > >> >> %systemroot%\System32\restore\rstrui.exe
    > >> >> 5 System Restore will now open and you can choose the relevant
    restore
    > >> > point
    > >> >>
    > >> >> --
    > >> >>
    > >> >> Harry Ohrn MS-MVP [Shell/User]
    > >> >> www.webtree.ca/windowsxp
    > >> >>
    > >> >>
    > >> >> "Online Traveller" <user@server.ca> wrote in message
    > >> >> news:tSdde.2876$VL3.81097@news20.bellglobal.com...
    > >> >> >I inadvertently left my anti-virus disabled the other day on my
    > > Windows
    > >> > XP
    > >> >> > Pro computer and downloaded malware from a web page. This malware
    > >> >> > installed
    > >> >> > itself on my PC without my permission.
    > >> >> >
    > >> >> > I was able to remove most of it by running the anti-virus scanner
    > > with
    > >> > XP
    > >> >> > in
    > >> >> > safe mode.
    > >> >> >
    > >> >> > However one file is particularly stubborn and will not be removed.
    > >> >> >
    > >> >> > So I restarted in safe mode and attempted to do a System Restore
    to
    > > an
    > >> >> > earlier point prior to my malware infection.
    > >> >> >
    > >> >> > I restarted in safe mode and logged in as Administrator however
    the
    > >> >> > restore
    > >> >> > continues to fail. It seems like a portion of the malware loads
    > >> >> > even
    > >> >> > in
    > >> >> > safe mode and interferes with the System Restore function.
    > >> >> >
    > >> >> > My question: how can I boot XP Pro system into safe mode to run
    the
    > >> >> > system
    > >> >> > restore successfully? Can I do it from the (writeprotected) XP
    > >> >> > setup
    > >> >> > discs
    > >> >> > or an XP start up disc? I would just like to restore the system
    > >> >> > back
    > >> >> > to
    > >> >> > the
    > >> >> > state of last Thursday:-) I got this problem this morning around
    7
    > > am
    > >> > and
    > >> >> > this has turned out to be a rather long and tiring day:-)
    > >> >> >
    > >> >> > Thanks a lot:-)
    > >> >> >
    > >> >> >
    > >> >>
    > >> >>
    > >> >
    > >>
    > >>
    > >
    >
    >
Ask a new question

Read More

Safe Mode Malware Windows XP System Restore