>>>>Glad you got it sorted.
>>>>
>>>>If you've tried all 3 of the products you mentioned, and they didn't fix it, the only thing left is to reformat and reinstall everything from scratch. But if your customer has moved to a Mac and doesn't need to use the PC anymore, maybe you don't have to bother.
>>>>
>>>
>>>Maybe one more thing to try: ComboFix
>>
>>Have you had success using that, where the other ones failed?
>
>Yes. In particular, rootkits.
>
>>
>>I think my biggest concern is, basically, that a computer be trustworthy. These days, if any malware finds a crack in your defenses to load itself, it loads a whole smorgasbord of associated crap. Does any single antimalware product, or even a group of them, fix all that? How can anyone be sure?
>>
>
>The way I look at it, I'll go to extreme measures to salvage valuable data. Combofix has stabilized 3 machines in my experience, long enough to do a salvage. Would I trust them to be completely free of infection? Of course not. Were they usable afterwords - yes. All three were running current versions of internet suite protection systems, and still got clobbered. All reported as clean following my work. Shrug.
>
>>Just one recent example, a lot of people didn't realize they were compromised until they tried to install a certain Windows update: http://blogs.technet.com/b/msrc/archive/2010/02/17/update-restart-issues-after-installing-ms10-015-and-the-alureon-rootkit.aspx
>>
>>So, if you get infected, you can:
>>
>>1. Reformat and reinstall from scratch (recent image backups help a lot here):
>>
>>+ guaranteed successful removal of malware
>>+ system is known trustworthy afterwards
>>- could take a while if you don't have good backups
>>- could lose some data or settings if no image backup available
>>
>>2. or, try to remove the infection(s):
>>
>>+ may be quicker if standard tools can identify the problem(s)
>>+ may preserve some data and settings that could be lost with a reformat/reinstallation
>>- may NOT be quicker than restore of a known good image
>>- no guarantee of success
>>- is computer really trustworthy afterwards?
>
>Nice summary, and no argument from me, Al. Only my customers can put a price on their data. I am still amazed at the number of people with CD/DVD burners in their boxes that haven't a clue how to save their own data.

Or these days, cheap USB external hard drives - or even capacious USB flash sticks.

Thanks for the info on ComboFix, especially where you've had success against rootkits. Sounds like another good tool for the toolbox.