One of my three home systems was recently infected with something nasty -- Super AntiSpyWare detected Trojan.dropper, and i was blocked from update sites and was experiencing redirects from Google search results. Numerous scans with various products turned up nothing futher, although the unwanted behavior continued.
After reviewing some similar threads, it looked like I could end up chasing this hidden culprit (and possibly my own tail) for quite a while. So I began considering a reformat/re-install solution, which ultimately lead me to a really great disk imaging solution to make this process way easier the next time around (and I'm sure there will be one).
First of all, if you haven't already read it, there is an extensive post on reformat/reinstall at http://www.dslreports.com/faq/10063. There are a ton of websites out there with instructions on how to do a reformat/reinstall of Windows XP -- for example, http://www.ehow.com/how_4900870_format-reinstall-windows-xp.html and http://lifehacker.com/software/wind...nd-install-windows-xp-from-scratch-157578.php.
I took a look at my C: drive and found that I had actually followed best practices and had very little on that drive other than system files. I backed up My Documents, my email (Outlook Express), and a few other folders to a separate drive on the same system, then I dived into the reformat/reinstall.
This is pretty straightforward and takes about 30-40 minutes. When you're done, you have a out-of-date version of Windows installed on your system. At this point, it's a good idea to install your anitvirus program of choice.
You can then configure your network access, and start downloading virus and Windows updates. The Windows updates take a loooong time, because there are a lot of them, and there are dependencies, so you have to go through the drill multiple times, rebooting each time. SP2 and SP3 are loaded separately and take quite a bit of time on their own. If you reinstall MS Office, be sure to get the updates for that as well.
Then it's time to update any remaining drivers and reinstall all your software. This was not too onerous for me, as I had all my CDs or downloads at hand. The most bothersome was getting the right drivers for the VIA chipset, but a quick look at the motherboard documentation gave me the info I needed to locate them on the internet.
Great! So now I had a clean, shiny, pristine installation, just the way I want it. To help make this simpler in the future, I decide to investigate making an image of this installation in the likely event I get hosed again by some future malware.
Fortunately, I found a terrific freeware application for doing this, Macrium Reflect (http://www.macrium.com/reflectfree.asp). My installed OS and app files amounted to about 11 GB, I was able to do a disk image to a drive on another computer on my home network, which ended up about 7 GB in size. You can also create a boot disk for restoring the image, using BartPE and a Macrium Reflect plug-in.
So, although it took a while, I have a 1) a pristine install, and 2) an image of that install that I can recreate in under an hour. From now on, I'll be doing this any time I configure a new system. Despite the work, I really feel like I ended up better off than trying to clean my old system.
This entire effort broke down like this:
- back up data files - 30 mins (mostly figuring out what to back up)
- reformat and reinstall windows - about 45 mins
- reinstall drivers - 45 mins (mostly searching on the internet)
- reinstall apps - 60 mins
- restore backed up folders - 30 mins (some importing req'd for email)
- download Windows updates - 45 - 60 mins
- download virus updates, misc - 30 mins
- install disk imaging software, make image - 60 minutes
But, as mentioned above, the next time, I'll be limited to the data backups (30 minutes) and less than an hour to do the image install. Sweet!
After reviewing some similar threads, it looked like I could end up chasing this hidden culprit (and possibly my own tail) for quite a while. So I began considering a reformat/re-install solution, which ultimately lead me to a really great disk imaging solution to make this process way easier the next time around (and I'm sure there will be one).
First of all, if you haven't already read it, there is an extensive post on reformat/reinstall at http://www.dslreports.com/faq/10063. There are a ton of websites out there with instructions on how to do a reformat/reinstall of Windows XP -- for example, http://www.ehow.com/how_4900870_format-reinstall-windows-xp.html and http://lifehacker.com/software/wind...nd-install-windows-xp-from-scratch-157578.php.
I took a look at my C: drive and found that I had actually followed best practices and had very little on that drive other than system files. I backed up My Documents, my email (Outlook Express), and a few other folders to a separate drive on the same system, then I dived into the reformat/reinstall.
This is pretty straightforward and takes about 30-40 minutes. When you're done, you have a out-of-date version of Windows installed on your system. At this point, it's a good idea to install your anitvirus program of choice.
You can then configure your network access, and start downloading virus and Windows updates. The Windows updates take a loooong time, because there are a lot of them, and there are dependencies, so you have to go through the drill multiple times, rebooting each time. SP2 and SP3 are loaded separately and take quite a bit of time on their own. If you reinstall MS Office, be sure to get the updates for that as well.
Then it's time to update any remaining drivers and reinstall all your software. This was not too onerous for me, as I had all my CDs or downloads at hand. The most bothersome was getting the right drivers for the VIA chipset, but a quick look at the motherboard documentation gave me the info I needed to locate them on the internet.
Great! So now I had a clean, shiny, pristine installation, just the way I want it. To help make this simpler in the future, I decide to investigate making an image of this installation in the likely event I get hosed again by some future malware.
Fortunately, I found a terrific freeware application for doing this, Macrium Reflect (http://www.macrium.com/reflectfree.asp). My installed OS and app files amounted to about 11 GB, I was able to do a disk image to a drive on another computer on my home network, which ended up about 7 GB in size. You can also create a boot disk for restoring the image, using BartPE and a Macrium Reflect plug-in.
So, although it took a while, I have a 1) a pristine install, and 2) an image of that install that I can recreate in under an hour. From now on, I'll be doing this any time I configure a new system. Despite the work, I really feel like I ended up better off than trying to clean my old system.
This entire effort broke down like this:
- back up data files - 30 mins (mostly figuring out what to back up)
- reformat and reinstall windows - about 45 mins
- reinstall drivers - 45 mins (mostly searching on the internet)
- reinstall apps - 60 mins
- restore backed up folders - 30 mins (some importing req'd for email)
- download Windows updates - 45 - 60 mins
- download virus updates, misc - 30 mins
- install disk imaging software, make image - 60 minutes
But, as mentioned above, the next time, I'll be limited to the data backups (30 minutes) and less than an hour to do the image install. Sweet!
