Relatives machine -- infected files -- cleaning up the damage
ESET anti-virus found 4 infected files which were quarantined. The files were "probably a variant of Win32/InstallIQ potentially unwanted application". Examination of the machine shows a few problems.
In the root of C drive, there are several directories that are composed of strings of characters. Some of these strings are 30 characters long. I'm assuming these directories were created by windows updates over time. One of these directories is:
and it contains a subdirectory called "Start Menu". This Start Menu gives "access denied" error if I attempt to enter it. The permissions "read only" and "hidden" are unchecked.
Now -- To the point -- If I right-click the "Start" button and select "explore", XP complains:
C:\980b8ba83e25aa813c\StartMenu is not accessible
Access is denied.
So .... something has taken the explorer pointer from C:\windows and has set it to C:\980b8ba83e25aa813c\StartMenu.
Also, all the menu items in my Start --> Programs menu are gone. Clicking on the "programs" entry shows: (Empty)
Any ideas on how to fix these problems?
More aboutrelatives machine infected files cleaning damage
Best thing is to make sure they have their files backed up and format the drive, re-install Windows. Or run a repair setup of Windows.
Even if you clean out the viruses, the damage they did will be almost impossible to fix on that system.