Viruses That Won’t Go Away

by on November 2, 2007

Q: Recently, I ran Spybot and AVG. The two programs came back with viruses, which I deleted immediately. Now, I am having problems. One problem is with the response time and the other is that I cannot get on line. After my computer has been running for about 3 minutes, it automatically slows down with its response time. I opened up the task manager and noticed that both the winlogon.exe and csrss.exe are using all of the CPU, which is at 100%. I switched their priority level on the winlogon.exe from high to normal and the response time seems to be ok, even the number of the CPU remains between 50-70. From there, I re-ran Spybot and AVG and they came back with no viruses. However, I still have the some problems. I have done some research online, from another computer, and tried different avenues. One was starting my computer in safe mode. I did, and after 3 minutes of running the computer reboots itself back into normal mode. Is there a way to tap into the hardware and found out if there is a problem? Do you any suggestions what to do?

A: I am 99% certain of what your problems is, and of how to fix it. Something that most people don’t realize about computer viruses is that even after they have been removed, they still leave something behind. Let’s put this in human terms for a moment. Imagine that someone named Jane had a stroke a few years ago. That which caused the stroke is probably gone from Jane’s body by now. But Jane may still be dealing with the effects of the stroke. She may walk with a limp, not have full control of her facial muscles, and so on.

Computer viruses are similar to strokes in that damage caused by the viruses will remain in your computer even after the viruses have been removed. This is a secret that the antivirus companies do not want you to know! Of course, humans can undergo physical therapy to overcome the effects of a stroke. No such luck with computers and viruses I’m afraid… Repairing your computer will require reformatting your hard drive and reinstalling Microsoft Windows. Here are some instructions to help you:

  1. Create backups of all-important data using external media (CD, DVD, or external drive)
  2. From an uninfected computer with a CD burner, download the GWSCAN utility from Gateway Computers. Running the downloaded file from the uninfected computer will create a bootable CD-ROM that you can use on your infected machine.
  3. Use the write zeros option in GWSCAN to do a full erase of all hard drives on your computer. Writing zeros to your hard drive is better than doing a normal re-install of Windows because normal re-installs sometimes leave old data behind — such as viruses.
  4. At this point you will need the operating system disk that came with your computer. If you didn’t get an operating system disk with your machine, you may have gotten a “system restore” disk. WARNING: do not use any of the system restore utilities that are built into your computer, as they could allow you to get reinfected by viruses! If you do not have the necessary disks, contact the manufacturer of your computer to order them. In my experience, Dell will send you an operating system disk for free (or very low cost). HP will not send operating system disks, but will ship system restore disks to you for a fee. I encourage you to complain about this policy if you own an HP.
  5. Reinstall Windows.
  6. DO NOT transfer your files back to the computer until you have updated Windows, installed security software, and run a full security scan on the files.

Believe me, I know how annoying it is to have to reinstall Windows. But when a virus has infected your computer, there is little else left to do but start over.