A. Since spyware is a bigger problem today than viruses, and spyware is typically harder to find and get rid of, I suggest to start looking for spyware too.
Use Lavasoft's Ad-Aware and Spybot S&D - get the links to them from my web site - http://scriptco.net/secure.htm
*** B. Turn off System Restore
WinXP has a cool feature called System Restore. It is used to restore your computer to an earlier configuration in case of a problem. The only problem is that it wasn't made with parasites in mind, and often it can't tell the difference between an infected file and a good file, so it might automatically restore an infected file also if it had been in a protected area, effectively re-infecting your computer. Because of this, it is recommended to turn off System Restore before you test, and when you're done, turn it back on so you are still protected from standard computer problems.
Click Start.
Right-click the My Computer icon, and then click Properties.
Click the System Restore tab.
Check "Turn off System Restore" or "Turn off System Restore on all drives."
Click Apply.
When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
Click OK.
C. Windows Tip
Windows itself, by default, hides certain files, system folders or file extentions from the user to make it easier to navigate. If you are having to find an infected file or just one you are looking for, this can cause you to not find it. If you wish you may change this to show all of the files on your computer.
Open your My Computer icon (Either from your desktop or the Start Menu) Click the Tools menu and select Folder Options(on older systems it may be in the View menu) Select the View tab and scroll through the Advanced settings Enable or disable the following (using a checkmark to enable)
enable - Show hidden files and folders
disable - Hide extentions for known file types
disable - Hide protected operating system files (WinME and WinXP only)
Now click Apply and Ok
========
D. How to find an embedded infection
AVG 7 Free now detects infections in areas that it was unable to before. The most notable are ones embedded inside of archives. Since AVG can't determine if you created the archive or if it was a parasite that created it, they leave these alone so you may have a chance to recover uninfected files from the archive and then you simply delete the archive when done. Infections that are inside of an archive aren't a direct threat to your system unless the file gets extracted to allow it to run. Grisoft has chose this method because it is safer for your data that the archive may contain.
For someone that is new to looking for these embedded infections, it can be a little confusing with the way that AVG will list the file because it also must include the archive file name that contains it in the full path/filename. The following is an example that I made up to highlight the info so you will know which filename to look for so you may either extract files and or delete the correct file. I will color code these for you, but AVG will not.
AVG will give you a name like...
C:\Windows\Temp\InfectedArchive.cab:\InfectedFile.exe
The location of the file is in C:\Windows\Temp The archive that contains the infection is InfectedArchive.cab And the actual infected file inside of the archive is InfectedFile.exe
Note the ":\" that seperates the archive from the file it contains. After you have recovered any files inside of the archive that you may want to keep (other than the infected one that is) just simple delete the whole archive.. in this example the file to delete would be InfectedArchive.cab
It looks harder than it really is.. just remember the file you want to look for is named just before the last ":\"
Most of the time, you won't have any files to recover inside of the archives. The only time this isn't true is if it is an archive that you had created yourself. If you didn't create it.. just delete and move on.