I sympathize, the people who wrote this junk should be sentenced to 6 months
servitude at the hands of MVPs (I'm sure we could think of "Something"
useful for them to do) with the alternative sentence of castration by rusty
scissors and no anesthetic.
Having said that you won't do any harm by copying his My documents and stuff
he needs to keep and see this site for how to back up Outlook Express
because having a good copy of the .DBX files is at least some security so if
you screw up you can always try again.
http://www.insideoe.tomsterdam.com/
IE "Bookmarks" are kept in a folder called "Favorites" so you can just
search for that and copy it back to his new favorites folder after you
reinstall, or you can have IE export them - no matter either way it's just a
folder.
The danger with editing the registry id mainly carelessness or haste (Been
there done that etc). As long as you double check that you have the right
keys to delete and then double check again you should have no problem. You
obviously are not a careless person by nature else you wouldn't have asked
until it was too late.
Get copies of specific drivers for printers and cameras and stuff first if
you can. Not much use copying program files folder because you can't just
copy them back in most cases, the install has to be used, so get him to go
through what he uses and make notes to ensure you can get it back. A working
system with Winfixer is better than non-working with something useful
permanently lost.
If you have to delete anything from the registry you can always select the
option to "Export Registry Key" and save it to a file on the desktop. That
way you can always double click that file and put back what you screwed up
unless you do something really bad and kill the system outright. I think the
key is to be VERY careful with the registry, not paranoid about it.
Hope this helps.
By the way some people are prone to getting this type of infection and
please ask if he can remember doing anything or surfing anywhere else just
before this happened. He did NOT get this from any official MS software
intentionally so if it was an MS product you can be fairly sure it was a
hacked version from somewhere else. Does he (or she I suppose I forgot it
might be a she, sorry) use any file sharing software? Spyware like this is
almost a guaranteed feature with any sharing software except WinMX which the
RIAA just forced to "Cease and Desist" or Shareaza which is open source,
spyware free and probably better than the others anyway. We do NOT advocate
the sharing of copyrighted materials of course but if users are going to do
it then at least do it safely.
If you can make notes of what you find please do post them back here.
Charlie
