Major MyDoom Infestation -- Can it be Fixed?
This one's starting to drive me rather nuts. Never had this much trouble before.
I'm working on my first-ever client (yay for James's start-his-own-business dream!), and his computer is really, really screwed. He had no AV whatsoever, so he is rather owned. Malware is eating up memory like crazy, IE is hijacked to the point of being rendered unusable, and the OS is consequently shot to heck.
IE's his only browser, so I couldn't connect to the Internet to download Firefox due to the severe hijacking. So, I finally burned Firefox, AVG, Kerio, Spybot, and Adaware to CD and went at it that way. And here's where it gets fun.
I can't install an AV. During AVG setup, it tells me shell.dll is missing. MyDoom's doing, I presume? I'm sure there's a host of other infections as well. Anyway, I did a repair install (this is W2k, by the way) in hopes of restoring the .dlls. Nope. Evidently the infections are moving fast enough to where I'm screwed even booting in safe mode the first time. No shell.dll = no AV = infestations stay!
Not one to be outdone, I had another idea. I tried networking my secure XP box to the screwed-up 2000 box via a null modem cable. Set the entire C drive to "shared" on the 2k box. So I'm thinking now I can scan the infected box's drive with my secured box's AVG. Nope. Even though they detect each other, I get a "limited connection" on the XP side, and it won't access the C drive of the other computer even though it's set to shared with full permissions all across the board. I've been looking all over configs on both machines and can't figure out for the life of me what's preventing them from interacting properly.
Surely I can get this fixed without an OS reinstallation, though; I'm refusing to call it quits. So, can you guys throw some input at me? What have I missed? I'm sure there's some elementary something I've overlooked in all likelihood...