[SGVLUG] Need help with clearing popups from windows system

Emerson, Tom Tom.Emerson at wbconsultant.com
Tue Sep 5 16:39:37 PDT 2006


> -----Original Message----- Of Claude Felizardo
> On 9/5/06, Alex Roston <tungtung at pacbell.net> wrote:
> > [...] I haven't fooled with it 
> > lately, but at one point it was possible to do a "hot" reinstall of 
> > Windows, and this didn't work very well for replacing files which had
> > been deliberately buggered.
> 
> Hang on, are you saying it is possible to reinstall windoze 
> on top of an existing system and not have to reinstall all of 
> your apps?  I mean I thought one of the problems with windoze 
> is that it's still difficult to determine if your data files 
> are stored in a subdirectory of the App or in one of the "My 
> blah" folders.  Can you repair in place?

Well, I can see two (or more) problems with this approach: as I
understand it, every application "registers" itself in the registry
during installation; if you re-install, wouldn't it re-write the
registry from scratch?  (meaning you'll have the executables "in place"
for your userland apps, but Windows wouldn't be "aware" of them.)  If it
doesn't rewrite the registry, anything "hidden" in the registry that
triggers an infection will still be there (i.e., anything defined to
"run at boot time").

Secondly, if a non-Microsoft application has been contaminated, and that
in turn contaminates system files (so as to hide itself from scans), you
haven't actually eliminated the problem (the trojan is still out
there...)  I suppose, though, the system would be "inoculated" in a
sense in that some viruses will check before infecting, so the system
*may* appear infected and the virus doesn't re-infect the system.  Of
course, the virus writer might take the easy route and ALWAYS infect
every time it runs, but that's another matter entirely...

