Will reformat cure all?

  • Thread starter: certsnsearches
from the wonderful person said:
If I reformat my hard drive will that remove any/all viruses
on my pc?

Yes; but that's like saying a body-transplant will cure all your medical
problems - true, but rather unnecessarily drastic in most cases. And if
you are infested, and don't figure out why/how and take steps to prevent
it, your new installation will be similarly infested in a very short
time.
 
If I reformat my hard drive will that remove any/all viruses
on my pc?


That's like killing a fly with a sledgehammer. Why not just use an
up-to-date, reputable AV program instead?
 
Jeebus Whistlehands said:
That's like killing a fly with a sledgehammer. Why not just use an
up-to-date, reputable AV program instead?

I have NAV fully updated and still got infected with the backdoor.trojan in
a file called dviX.exe in windows/system32.
NAV identified two during a scan but only one could be both quarantined and
deleted, and the other could not even be deleted.
So this pc newbie is at a loss as to what to do and not exactly sure how
dangerous this trojan thing can be.

Brian
 
Point taken GSV...many thanks.

Brian

GSV Three Minds in a Can said:
Yes; but that's like saying a body-transplant will cure all your medical
problems - true, but rather unnecessarily drastic in most cases. And if
you are infested, and don't figure out why/how and take steps to prevent
it, your new installation will be similarly infested in a very short
time.
 
If your PC is unstable due to the "Chaos and Complex Systems" phenomenon then yes, a wipe of
the OS and reinstallation will cure all ills.

Dave

|
| | > On Fri, 3 Oct 2003 01:47:24 +0100, "certsnsearches"
| >
| > >If I reformat my hard drive will that remove any/all viruses
| > >on my pc?
| >
| >
| > That's like killing a fly with a sledgehammer. Why not just use an
| > up-to-date, reputable AV program instead?
|
| I have NAV fully updated and still got infected with the backdoor.trojan in
| a file called dviX.exe in windows/system32.
| NAV identified two during a scan but only one could be both quarantined and
| deleted, and the other could not even be deleted.
| So this pc newbie is at a loss as to what to do and not exactly sure how
| dangerous this trojan thing can be.
|
| Brian
|
|
 
No David, it's not unstable...I just don't know what the next step is or
what damage or vulnerability I'm exposed to now.


Brian
 
certsnsearches said:
If I reformat my hard drive will that remove any/all viruses
on my pc?

Sometimes that is exactly what it takes. I had a computer in the lab at
work which was used and abused by everyone. Norton would delete a new file
every day. When I complained to the IT guy he told me if Norton deleted the
file then it's no longer infected. After the third time he told me that I
called him up and told him the hard drive accidentally got repartitioned.
oops.
 
certsnsearches said:
If I reformat my hard drive will that remove any/all viruses
on my pc?


Brian


Reformatting will remove 99.98% of known viruses, but it will not remove
100% of known viruses. However, reformatting to remove a virus usually is
not recommended, because it is like using an atomic bomb on someone that
egged your house, and almost all viruses can be fixed and/or removed using AV
software. There are, however, some boot track infectors which a regular
format will not touch, and also some that encrypt the boot track and/or move
the boot track to another place on the hard drive; then when you format,
the encrypted boot track points the format program to another part of your
hard drive, and you are only formatting what was moved and not the encrypted
boot track. There are some viruses, although thankfully very rare, which can
only be removed using fdisk. Most newer hard drives no longer need to have an
LLF (low-level format) performed, because the structure of the HD is different
in modern HDs than in those of years back; but in most cases, if it is one of
those rare critters, unless you are a very competent PC user you
should leave that to the professionals.

There are also some PC makers that use special portions of the hard
drive to store information needed for the hard drive to function, and a
format and/or an fdisk can render those hard drives unusable unless and/or
until you download a special program that creates a bootable floppy disk
which, when used to boot up, recreates the special portion of the HD.
Compaq and HP are two of the PC makers that used to do this quite often. I
am not sure, however, if the newer systems today still employ any of those
types of methods. Some of the Compaq recovery CDs would refuse to work and
restore your Compaq system if the special portion of the HD was removed, and
you then were required to use a special sequence of keys when booting up to
the CD in order to have the system see the recovery CD.

As always your mileage may vary with my advice;o) but I thought I
would just point out that formatting a HD will NOT remove 100% of known
viruses.
 
certsnsearches said:
If I reformat my hard drive will that remove any/all viruses
on my pc?

i'm surprised at the answers you've gotten so far...

the correct answer is *NO*... there are some viruses that reside in a
location that format cannot touch... they aren't too common these days,
but they do still exist - they're called mbr infectors... formatting in
the case of one of these will remove everything *except* the virus...

there is no better weapon to use against viruses than knowledge -
format has no knowledge of viruses...
 
certsnsearches said:
I have NAV fully updated and still got infected with the backdoor.trojan in
a file called dviX.exe in windows/system32.
NAV identified two during a scan but only one could be both quarantined and
deleted, and the other could not even be deleted.
So this pc newbie is at a loss as to what to do and not exactly sure how
dangerous this trojan thing can be.

Brian

Reboot into Safe Mode and try deleting it that way. If you have a win9x
system, you can boot to DOS and delete the file that way. Check the Symantec
web-site to get more information on that Trojan. They may have manual
removal instructions which include checking win.ini and system startup files
to make sure that backdoor isn't being called at start up.
 
kurt wismer said:
i'm surprised at the answers you've gotten so far...

really? my answer was about the same as yours, except that I went into a
little more detail as to why a format would not remove 100% of the virus
the correct answer is *NO*... there are some viruses that reside in a
location that format cannot touch... they aren't too common these days,
but they do still exist - they're called mbr infectors... formatting in
the case of one of these will remove everything *except* the virus...

there is no better weapon to use against viruses than knowledge -
format has no knowledge of viruses...

Looks like only you and I knew that a format would not remove 100% of
virus<s> or at least we were the only two willing to say so;o)
 
Bitstring <[email protected]>, from the
wonderful person Sugien said:
Looks like only you and I knew that a format would not remove 100% of
virus<s> or at least we were the only two willing to say so;o)

Depends on what level you reformat =to=. If you low level format and
rewrite the MBR then everything is gone. Besides, it's been years since
I saw a boot sector virus in the wild.
 
Many thanks optikl.
I rebooted into safe mode and NAV then deleted the file
with no apparent problems so far.

Very relieved and grateful to all who replied.

Brian
 
If you look up the particular malware at Symantec's and or TrendMicro's
websites they will usually give you a good explanation of what each
particular infection will or can do. From there it will often tell you how
to properly clean the system. Some of the information will tell you what is
possible for information stealing, etc. and this information will often lead
you to a decision on whether or not a total system reinstall is necessary.

That said unfortunately backdoor.trojan as identified by NAV is a detection
for any number of generic trojans. The description and instructions on their
site are very generic so it doesn't necessarily tell you exactly what was
possible. If you search their site or google for the names of the detected
files then you may get some more information on the exact trojan package
that you may have gotten. If for example you find that one of the files is
known to be part of an IRC client, and you are not using a firewall that
would have or did in fact block such activity then anything is possible and
you might come to the conclusion that reformat and reinstall with new user
accounts/passwords etc. is necessary.

In your case "dviX.exe" comes up with google as an old windows x terminal.
Fortunately you quarantined as opposed to deleting. You would want to try to
verify by file size, functionality, etc. whether this is actually what the
file is or whether it is simply just something else renamed. If it is what
it appears to be it would allow someone to run programs on your machine
while viewing them at their machine......Not good! Maybe it is something you
purposely installed? The nature of this particular exe tells me you would
know if you did or not. It is from a program called DESQView/X.

In any case the more you research the problem the more you will lean in a
certain direction as to what is necessary to be sure your system is cleaned
appropriately and the more you may learn about how you may have gotten
infected which will help you better configure your system. If you had a
personal firewall for example that had application protection it would have
prompted you the first time the program tried to "phone home" and given you
a chance to stop things before anything truly damaging could have been done.
 
: Bitstring <[email protected]>, from the
: wonderful person Sugien <[email protected]> said
: <snip>
: >Looks like only you and I knew that a format would not remove 100% of
: >virus<s> or at least we were the only two willing to say so;o)
:
: Depends on what level you reformat =to=. If you low level format and
: rewrite the MBR then everything is gone. Besides, it's been years since
: I saw a boot sector virus in the wild.
:

Our standard script:

boot from floppy
fdisk /mbr
(write new autoexec)
reboot
format.

That kills 'em all and takes 1 more reboot, maybe 30 secs longer.

But, as you mention, there's not many "monkey" viruses around any more.
 
certsnsearches said:
If I reformat my hard drive will that remove any/all viruses
on my pc?


Brian

Apparently not if you end up with a virus that resides in the boot sector of
your hard disk, so I've been reliably informed. There is software around now
that can deal with that, but don't ask me where to find it. Fortunately
those sort of viruses aren't that common these days.

CC
 
C Wood said:
: Bitstring <[email protected]>, from the
: wonderful person Sugien <[email protected]> said
: <snip>
: >Looks like only you and I knew that a format would not remove 100% of
: >virus<s> or at least we were the only two willing to say so;o)
:
: Depends on what level you reformat =to=. If you low level format and
: rewrite the MBR then everything is gone. Besides, it's been years since
: I saw a boot sector virus in the wild.
:

Our standard script:

boot from floppy
fdisk /mbr
(write new autoexec)
reboot
format.

That kills 'em all and takes 1 more reboot, maybe 30 secs longer.

But, as you mention, there's not many "monkey" viruses around any more.

Sorry, I didn't read all the previous posts. Can you explain fdisk /mbr?
It's the '/mbr' bit that escapes me. I thought you couldn't repartition an
already partitioned disk.
 
certsnsearches said:
If I reformat my hard drive will that remove any/all viruses
on my pc?

Short answer ~ no.

Longer answer ~ it depends on the virus and whether or not
the PC's OS is susceptible to BSIs.
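
What several posts above describe (a format leaving the master boot record alone, and an MBR rewrite being the extra step), shown as an added example that is not part of any post in the thread. It parses the standard 512-byte MBR layout on a constructed in-memory disk; `model_format` and `model_mbr_rewrite` are simplified models written for this illustration, not the DOS tools themselves, and the boot-code bytes are constructed stand-ins.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 446   # bytes 0..445 of sector 0: MBR boot code
PTABLE_OFF = 446      # four 16-byte partition entries follow
SIG_OFF = 510         # bytes 510..511 must be 55 AA

def parse_mbr(sector0):
    """Return boot-code hash, non-empty partition entries and signature status."""
    if len(sector0) != SECTOR:
        raise ValueError("sector 0 must be exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector0[PTABLE_OFF + 16 * i:PTABLE_OFF + 16 * (i + 1)]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0 marks an unused slot
            parts.append({"type": entry[4], "active": entry[0] == 0x80,
                          "lba_start": lba_start, "sectors": sectors})
    return {"boot_sha256": hashlib.sha256(sector0[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts,
            "signature_ok": sector0[SIG_OFF:SIG_OFF + 2] == b"\x55\xaa"}

def build_disk(boot_code, total_sectors=128, part_start=63):
    """Constructed in-memory disk with one active FAT16 (type 0x06) partition."""
    disk = bytearray(total_sectors * SECTOR)
    disk[:BOOT_CODE_LEN] = boot_code.ljust(BOOT_CODE_LEN, b"\0")
    disk[PTABLE_OFF:PTABLE_OFF + 16] = struct.pack(
        "<B3sB3sII", 0x80, b"\0" * 3, 0x06, b"\0" * 3,
        part_start, total_sectors - part_start)
    disk[SIG_OFF:SIG_OFF + 2] = b"\x55\xaa"
    return disk

def model_format(disk):
    """Simplified model of a volume format: only sectors inside the partition change."""
    p = parse_mbr(bytes(disk[:SECTOR]))["partitions"][0]
    start = p["lba_start"] * SECTOR
    end = start + p["sectors"] * SECTOR
    disk[start:end] = bytes(end - start)

def model_mbr_rewrite(disk, clean_code):
    """Simplified model of an MBR rewrite: new boot code, partition table kept."""
    disk[:BOOT_CODE_LEN] = clean_code.ljust(BOOT_CODE_LEN, b"\0")

def demo():
    clean = b"\xfa\x33\xc0 constructed stand-in for stock boot code"
    disk = build_disk(b"\xeb\xfe constructed stand-in for altered boot code")
    before = parse_mbr(bytes(disk[:SECTOR]))
    model_format(disk)
    after_format = parse_mbr(bytes(disk[:SECTOR]))
    model_mbr_rewrite(disk, clean)
    after_rewrite = parse_mbr(bytes(disk[:SECTOR]))
    return before, after_format, after_rewrite
```

`demo()` returns the parsed sector 0 before the format, after it, and after the boot-code rewrite; the boot-code hash only changes at the last step, and the partition table is the same in all three.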
 