Chapter 11. Preparing for the Worst: Erasing the Hard Drive

In This Chapter

• Scrutinizing System Restore (which can't be trusted after a rootkit compromise)

• Getting wise to devious malware (and why a simple format and reinstall won't work)

• Erasing your hard drive and installing the operating system

Imagine that you've done your level best, with expert help, to remove a rootkit and its accompanying payload of malware from your computer . . . and it's a bust. Your system has been corrupted throughout and can't be trusted as far as you're tempted to throw it. If your backups were made before the rootkit moved in — and they were stored on separate media — then congratulations on dodging a bullet. But if not, your existing files are suspect, and you're looking at a fairly drastic scenario just to get up and running again.