Coffeehouse Post

View Thread: I've got a rootkit...

    Why waste time attempting to remove it? The Windows installation is suspect; it is beyond repair.

    Buy a 2.5" HDD caddy, copy off all of the files you need, format it, including destroying the MBR (if it has one), then use a USB key to reinstall Windows and copy your files back across.

    Even if you were able to remove the rootkit, you likely won't get all of the components or be able to determine if it added a reinfection vector (e.g. added malware CA, HOSTS corruption, new trusted sites, et al).    

    The more I learn the less willing I am to ever attempt to remove infections. "Reinstall Windows" is the call of both the guru and low-hanging technical fruit alike.