Sunday, October 4, 2015

windows 7 - How can I fix a computer that is infested with malware and is extremely unresponsive?






I'm troubleshooting a Windows 7 PC for a friend. A couple of days ago it started running 'slow'. It turns out 'slow' is about 15 minutes to the first glimpse of the desktop, and another 30 to show icons. It is possible to open Task Manager, and nothing seems awry: CPU usage is at 1-5% and there is plenty of memory free.


The machine is clearly infested with malware, though; in particular, a program called 'Optimizer Pro' is demanding money to 'remove 5102 files slowing down my computer'. This seems highly suspicious.


My problem, though, is that I can't access msconfig (I left it for a couple of hours after having hopefully typed it into the Start Menu and hit Enter; nothing seems to have loaded), or basically anything at all. I can boot from a Linux Live CD, but can I actually do anything useful from there?


System Restore hasn't fixed it either, and Safe Mode exhibits the same behavior.


Answer



I recommend reinstalling Windows


If you try to salvage the existing install you'll end up spending hours or, likely, days working on it and have nothing to show for your efforts. And even if you were able to successfully run all malware removal tools I wouldn't trust that all malware actually had been removed because, by definition, the malware authors are always one step ahead of the malware removal authors. Once a machine is infected this badly it's likely loaded with all kinds of bad stuff.


So...



  1. Format hard drive

  2. Install Windows


And, as one of the commenters suggested, you should assume that all files and data from the old install are infected and should not be trusted.

