Originally posted by: Ken90630
I know you said you wanna figure out what got in and how to clean it for "the experience," but really, you should take the advice of mechBgon and the others who've recommended backing the files up, using DBAN to nuke the HD, and doing a fresh Windows installation.
And not to discourage your professional aspirations in the computer security field
, but I don't think you quite have a handle on what's involved here. If this is a really complicated piece of malware, like a rootkit and God-knows-what-else bundled with it, you're not likely to figure it all out anyway. With certain kinds of malware, there can literally be > a thousand infected/altered system files and who-knows-how-many permanent registry changes (including hooks), an infected boot sector on the HD, an infected and unrepairable System Restore folder, etc. And rootkit revealing scanners
can work in some instances (but certainly not all), but they're complicated and not likely to find and repair everything 100% the way it was before the infection. Do you really wanna spend dozens (if not hundreds) of hours going thru the Windows registry, item by item, fixing every altered entry (if you even can)? (Answer: No, you don't. :laugh: ) If anything is left behind, and it almost certainly will be with the kind of infection you're describing, you're gonna need to reformat and reinstall Windows anyway.
And I know of no anti-virus or anti-spyware app that will CLEAN every trace of a complex infection. You might get a list of a gazillion infected files, but after the repair process you'll likely end up with a list of files that "couldn't be repaired/cleaned." At that point, you need to jump on the Reformat Train anyway. I, too, am sometimes interested in the how and why of how some malware does what it does, but in the end, the solution is the same: Nowadys, most sophisticated malware infections warrant a reformat and fresh Windows installation.
Just my $.02. Good luck.
Facebook
Twitter