Well part of my job duties is to collect and research malware. I would always highly recommend to reinstall. When a virus is installed on your system and its ran as administrator you have just as much control over your system as the virus does. Virus can install a rootkit to patch your operating system so that you don't see its network traffic, filesystem activity, kernel operations, and registry activity. It could even patch the OS so that any tools you use will not display proper output. Now in these cases yes its possible to clean your system but is it worth the several days of research you need to do before your totally sure its removed? I would say no to most people but if your in the field or you're a researcher like Mark Russonovich from sysinternals then yes its worth it.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thane Sherrington (S) Sent: Friday, February 10, 2006 11:46 AM To: The Hardware List Subject: RE: [H] Suggested tools for helping a friend with bad virusinfestation At 03:20 PM 10/02/2006, Mesdaq, Ali wrote: >Honestly just reformat. If you were to try to clean it you would need to >be versed in rootkit detection and other kernel level skills to even be >remotely able to clean out a partially sophisticated virus. Its just >totally not worth it then you never have the peace of mind you got rid >of all of them. Man, I'm shocked at the surrender attitude coming from this list. Removing viruses and spyware is possible, and really isn't much more time consuming than a reinstall, and is much less time consuming than a reinstall plus software install plus configuration plus data recovery. (Especially since data back without virus scan makes the reinstall questionable as viruses can hide in apparent data files. T
