Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Reformatting My Computer


  • Please log in to reply
22 replies to this topic

#1 tofte

tofte

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:07 AM

Posted 25 September 2008 - 10:20 AM

Hi. Recently I had some trojan rootkit hit my computer, and decided maybe it'd be best if I reformat it and re-install windows. Catch is, I'm not really good with computers and don't really know how to do this.

It's a dell laptop, and I have windows XP running on it. Still have most of, if not all, the original cds that came with it when I purchased it. What I'm wondering is how hard this is to do? Could I risk wrecking more than I do good by attempting this when I don't really know what I'm doing?

Let me know if your need to know anything else, like what model and other stuff, and I'll get back with it. Any help'd be appreciated, thanks.

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:07 AM

Posted 25 September 2008 - 10:53 AM

Hello tofte

I have a fairly standard procedure that I follow, after backing up what data I can safely save and then restoring the computer
I apply any driver updates that seem necessary, you have to go to your model's web page and compare dates, if you see newer drivers, it's best to load/update them. Next I clean the computer of useless crud and adware installed by the manufacturer. Same thing for something like norton's trial subscription, there's a special uninstaller for that.

Next I will apply the latest service pack, having the latest drivers and no security software to interfer

Then I load my security software

Last I connect to the internet

This is a pain but I believe it to be the safest approach

In your log I noticed you were running norton's and PrevxCSI, and teatimer, avoid any combination of security software that
might conflict
Chewy

No. Try not. Do... or do not. There is no try.

#3 stlolth

stlolth

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 25 September 2008 - 11:29 AM

the simplest way to do it is to use the WIN XP setup cd if you have it. if you only have a rescue disk or something like that it's much more complicated.
in case of having the setup cd you simply put the cd in the drive, restart your computer and boot from the cd. some computers give the option to choose the boot device by pressing one of the function keys during startup, like F4 or F5, or F9, but with some you have to go into the bios and set the CD/DVD drive as the first boot device.

after you boot from the CD, the easy to follow windows setup will ask you if you want to repair a windows installation or want a fresh one, and from there it's simple to follow the rest of the elaborate instructions which include the option to format your drive.

Edited by stlolth, 25 September 2008 - 11:30 AM.


#4 Guest_BlackBurst_*

Guest_BlackBurst_*

  • Guests
  • OFFLINE
  •  

Posted 25 September 2008 - 11:32 AM

It is a good idea to reformat. There's not much risk to it as long as you backup your important personal files and not any infected programs or installers.

What you should do is backup all of your personal files BUT NOT PROGRAMS or INSTALLERS onto portable flash drives, or CD-ROM or DVD-ROM or external hard drive.
Technically you could back up your hardware drivers, but you'll probably want fresh copies of those anyways since your system is
having troubles. You don't want to save programs and installers because those might be infected. But it is good to be aware of where your installers are on CD-ROM of
programs that you'll be using.

One thing that you probably should backup is any registration files for programs. Make note of serial numbers and usernames and registration codes
that you used to get your bought programs working. I like to save these in a file as well as print them up. Make sure that you write the version number and name of the software that
they go with.

The best way to reformat the hard drive(s) is to use any process that complete erases everything on it, including the partition tables and directories and all of that. I mean everything. Wiping the slate clean. Reinstalling windows without completely erasing everything first could result in still being infected or having further drive problems. The kind of reformat I'm talking about requires starting up the computer from a CD-ROM or DVD-ROM and launching a format or erase program off of that CD or DVD. Really, all you need is something that deletes all the partitions and hopefully freshes the MBR (master boot record) with a clean one.

I know of a program that does this. Just plain old AEFdisk.exe (Not AEFdisk32.exe). AEFdisk runs on DOS, but can format drives for Windows (NTFS format) or delete the partitions and refresh the MBR. The only issue is getting finding a "boot" (startup) CD or DVD to launch from and getting AEFdisk on a DOS-compatible ISO 9660 CD-ROM. I don't have an immediate solution for you on that. If you can get AEFdisk on a floppy diskette, that would work too if your computer has a floppy diskette drive. http://www.aefdisk.com/

I had a difficult time searching Google to find just a simple boot CD freeware that also has a "disk wiper" or partition deleter or whatnot. The best one I could find was Ultimate Boot CD. You could use the disk wiping tools on there, but disk wiping can take a much longer time than simply deleting partitions and the MBR. Does anybody else know of anything else? Does the Windows install CD really erase everything if given the option?

http://ultimatebootcd.com/

Edited by BlackBurst, 25 September 2008 - 11:48 AM.


#5 tofte

tofte
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 25 September 2008 - 12:20 PM

Is there a way to tell whether I have an original XP install disc or if it's only a rescue disc of some sort, like quietman mentions in this thread: http://www.bleepingcomputer.com/forums/topic170916-15.html?

The laptop came with pretty much everything installed when I bought it from dell, so I've never really looked too closely at the cds that came with it.

#6 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:07 AM

Posted 25 September 2008 - 12:43 PM

One test is insert the CD and reboot the computer
Chewy

No. Try not. Do... or do not. There is no try.

#7 stlolth

stlolth

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 25 September 2008 - 12:48 PM

Is there a way to tell whether I have an original XP install disc or if it's only a rescue disc of some sort, like quietman mentions in this thread:


the disks should pretty much state what they are on their cases or their surfaces. the important thing is if you don't have an xp setup disk, but just a rescue or rapair disk you shouldn't format your drive because you don't have anywhere to install windows back from.

#8 tofte

tofte
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 25 September 2008 - 12:56 PM

What I have, are one cd saying 'drivers and utilities - for reinstalling dell system software', two that says 'for reinstalling dell inspiron eurotools system software' and one microsoft office basic edition. Can't seem to find a windows disc?

#9 hamluis

hamluis

    Moderator


  • Moderator
  • 55,887 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:07 AM

Posted 25 September 2008 - 12:58 PM

I believe the MS hologram appears on MS install CDs...but I agree with DaChew.

The screens which appear will make it clear what it is and what options you have for install...and you can terminate the procedure once you see enough to make a decision.

Louis

#10 tofte

tofte
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 25 September 2008 - 01:11 PM

Yeah, the office disc has the MS hologram on it, the others are just dell cds with no hologram. Guess I'll just backup my important data, and give the dell cd a try.

#11 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:07 AM

Posted 25 September 2008 - 01:18 PM

try to boot to each disk

only the restore one wil be bootable

after booting you will be given a choice before the format/wipe/reinstall starts
Chewy

No. Try not. Do... or do not. There is no try.

#12 tofte

tofte
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 26 September 2008 - 07:50 AM

Only was able to boot on the one utilities disc, but I'm unsure if reformatting or reinstalling is an option here. When I booted from it, the only option was "run the 32 bit dell diagnostics" and it is now running some sort of test on my computer that seem to mostly have to do with whether it's working properly or not. No reformatting option. Anyone familiar with this?

Edit: Apparently hitting Ctrl+F11 opens some system restore process that restores the computer to its original setting. Does anyone know if this wipes everything clean, like a reformat would, or might there still be spyware on my computer after this?

Edited by tofte, 26 September 2008 - 08:09 AM.


#13 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:07 AM

Posted 26 September 2008 - 08:07 AM

You may have lost one of the disks, but more likely there's a hidden recovery partition on your hard drive and it takes a certain command at boot up to access it

Exactly what laptop do you have?
Chewy

No. Try not. Do... or do not. There is no try.

#14 tofte

tofte
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 26 September 2008 - 08:15 AM

It's an inspiron 1300 dell laptop. Think I've got it now though, Ctrl+F11 seems to have done the trick.

#15 tofte

tofte
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:07 AM

Posted 26 September 2008 - 08:23 AM

Looks like it worked fine and my computer is now in its original state. Seeing as you've been so helpful this far, do you have any recommendations on how to best protect my machine now, apart from what you said in your previous post? Should I download most of the firewall/anti-spyware stuff on another computer then transfer them over on a usb-stick to avoid connecting to the net unprotected?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users