 |
 |
I find that reformatting is usually not necessary. Here's how I clean up a machine. 1) Download autoruns, check 'hide microsoft signed entries', refresh, and go through line by line, writing down the file names of obvious viral infections, such as c:\windows\system32\qalskj.dll 2) If you have a rootkit or think you do, use Icesword to detect. 3) Don't even think about using safe mode. This stuff still loads in safe mode. You must use a boot disk. 4) Boot off a CD of some sort. Some linux disks may work, but I use the Windows install disc and go into the command line/recovery mode and delete the files. You need access to the windows partition to delete files. 5) Boot normally, run autoruns again and delete the entries. 6) Use an online scanner like the ones mentioned previously to clean up any residual, but if you've deleted all the files, you won't have an active infection. I find that using any sort of program to remove an active infection is fairly useless these days. System should be clean if you've carefully deleted every file that doesn't belong.