While It has been a long time since I made my living training tech support "
engineers" for Microsoft it has not been that long since I helped a friend to recover their PC after an incident, and while I generally agree with the philosophy behind artie505's nuke and pave suggestion there are several potential
gotchas in it.
- The only reinstall copy of Windows that most Windows users have is in a disk image type file on the hard drive. Nuking the hard drive nukes that image as well.
- The image can be burned to a CD/DVD but if the user already has the malware it is highly likely the image file has also been infected so unless the optical disk was burned before the infection occurred, reinstalling from that image simply reinstalls the malware. (Very few Windows users even know how to burn the optical disk or that they should burn one much less take the time to do it.)
- There are a number of free Windows anti-virus/malware applications available including Clam AV (the Windows version of ClamX AV). But most of these only detect the virus signature in incoming files and move the suspect file to a quarantine folder. They have no true disinfecting capabilities.
- The tools with disinfecting capabilities cost money to buy and typically an annual subscription fee to keep up to date, but prices are coming down with volume and competition.
- It is safe to assume there have been numerous patches to the version of Windows since the image file was created and getting back up to current status can be a long and tedious process.
All of this is why PC repair shops can, and often do charge $300 to
disinfect a $500 Windows PC. For only a "small" additional charge the user may get a optical disc copy of the installed version of Windows and an anti-virus/malware package installed. The annual subscription fee to keep the anti-virus/malware up to date is, of course, extra and paid to the publisher of the software.
One of the free Anti-virus/malware detection applications may be able to detect the presence of the particular malware on your friend's PC, but disinfecting her PC will almost certainly not be free. My suggestion would be to download and run one, or more, of the free anti-virus/malware applications and IF malware is detected or your friend is not convinced she is malware free, take the PC to a reputable local PC repair shop and have them disinfect, provide a bootable Windows install disc, and install a [/u]ood[/u] anti-virus/malware application. The cost of that is part of the cost of owning a PC and running Windows. (We never said that out loud when I worked for Microsoft.)