Re-format and re-install after backdoor malware

3 replies to this topic

#1 AllisonPJ


  • Members
  • 18 posts
  • Local time:05:39 PM

Posted 17 February 2009 - 04:31 PM


Over the weekend, my computer got attacked by a bunch of malware, including at least one backdoor and rootkit. Following the advice I received in another forum here, I've decided it's better to be safe than sorry, so I'm going to back up my files and do a re-format and re-install of my operating system.

I'm a little nervous, however. My computer (HP Pavilion a1440n with XP Media Center SP2) is a retail unit, and the only software I have are the 3 recovery discs it had me create after purchasing it. It's the first computer I've owned that didn't come with recovery discs. I'm kind of anxious about trusting that the homemade ones the system did years ago are even going to work now.

Another thing I'm unsure about: my hard drive has a Recovery partition (D: drive) on it. Will I need this in order to do the re-install, or will my recovery discs be sufficient? I would imagine when I re-format the drive, that partition will be erased as well. Or if not, that it would need to be, to ensure there isn't anything left of the backdoor or rootkit lurking in the other partition. So if I erase that, am I going to have problems getting my computer working again?

If I didn't hate Vista so much, I'd just go out and buy it at Circuit City while they're having their liquidation sale and be done with it. But I'd much rather get my XP Media Center back if I can.

I'm also a little nervous about putting my backed-up files back onto the cleaned drive later. Will doing a scan of the external hard drive before I move anything be enough to ensure nothing bad is going to get transferred over? I'm going to be careful not to back up anything executable. I just want to be sure I can save all of my music and pictures and fonts, as well as all the documents and graphics (Adobe) files from my design business. Anything I don't have software for, I can re-download later. If I can't, then I probably don't really need it.

Thanks in advance for your help.



#2 garmanma


    Computer Masochist

  • Members
  • 27,809 posts
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:05:39 PM

Posted 17 February 2009 - 08:02 PM

You can buy replacement CD's for a nominal fee from HP:
HP recovery CD's

We have a tool called Flash Drive Disinfector for USB devices
Make sure the devices are plugged in when you run it
This is a direct link
One item of note:
As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you run it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

Some A-V programs will flag this as a virus but it's a false positive
It's a folder not the file that can be an infection
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter
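
The distinction drawn in the post above, a folder named autorun.inf versus an autorun.inf file, can be checked on any drive root. The following is an added example, not part of the original post and not code from Flash_Disinfector; the function names and the sample drive contents are constructed for illustration.

```python
import os
import tempfile

# Keys in an autorun.inf file that name a program to launch.
LAUNCH_KEYS = ("open", "shellexecute")

def launch_entries(text):
    """Return (key, value) pairs from autorun.inf text that would start a program."""
    found = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("[") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        k = key.lower()
        if k in LAUNCH_KEYS or (k.startswith("shell\\") and k.endswith("\\command")):
            found.append((k, value))
    return found

def classify_root(root):
    """Classify the autorun.inf entry at the top of a drive or folder."""
    # Match the name case-insensitively, as Windows file systems do.
    name = next((n for n in os.listdir(root) if n.lower() == "autorun.inf"), None)
    if name is None:
        return ("absent", [])
    path = os.path.join(root, name)
    if os.path.isdir(path):
        return ("folder", [])  # placeholder folder: no file of that name can be created
    with open(path, "r", errors="replace") as fh:
        return ("file", launch_entries(fh.read()))

def demo():
    """Build two constructed drive roots in a temp directory and classify them."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        protected = os.path.join(tmp, "protected")
        os.makedirs(os.path.join(protected, "autorun.inf"))  # folder, as the tool creates
        suspect = os.path.join(tmp, "suspect")
        os.makedirs(suspect)
        with open(os.path.join(suspect, "AUTORUN.INF"), "w") as fh:  # constructed sample
            fh.write("[autorun]\nopen=example.exe\nicon=drive.ico\n"
                     "shell\\open\\command=example.exe\n")
        results["protected"] = classify_root(protected)
        results["suspect"] = classify_root(suspect)
    return results

if __name__ == "__main__":
    for label, (kind, entries) in demo().items():
        print(label, kind, entries)
```

To check a real drive, call `classify_root` with its root path (for example `E:\\`); a `"file"` result with launch entries is what warrants a closer look before anything on the drive is opened.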

#3 AllisonPJ

  • Topic Starter

  • Members
  • 18 posts
  • Local time:05:39 PM

Posted 18 February 2009 - 03:10 PM

Thanks for the link. I'll look into that if my self-made discs don't work.

For the disinfector, what is it used for? What I have right now is an old internal hard drive in an external casing, which then connects via USB to the computer. 99.9% of the time it's not on. I just keep old files backed up there, and it's what I'm using right now to back up my current stuff before I reformat the computer's hard drive. So at what point does the disinfector come into play? Was I supposed to have used it before transferring any files to the external drive, to clean it off first? Or is it a scanning program that will check the drive once it's been filled to make sure there's nothing bad on it? And if that's the case, when do I install and run it? Before or after I do the reformat and reinstall of XP?

While I'm throwing questions at you, one more advice request: is there any particular antivirus/internet security program you recommend? What I had before was McAfee, but it was a free version I downloaded through AOL. This time I'm going to buy something, but I'm not sure which is best. I'm debating between Norton and Kaspersky, though I'm open to any, as long as they'll do a better job of protecting my computer in the future! RoadRunner actually offers the CA Internet Security Suite for free as part of their subscription package, but after what happened with McAfee, I'm hesitant of going with another freebie.

Sorry for all the questions. I just want to make sure I do everything right! Thanks again for all of your help.

#4 ceannaire


  • Members
  • 3 posts
  • Gender:Male
  • Location:Ireland
  • Local time:09:39 PM

Posted 18 February 2009 - 04:26 PM

While I'm throwing questions one more advice request: is there any particular antivirus/internet security program you recommend?

Personally I think Bit Defender is a great all round security suite. (Read up on it before you decide which is best.) I used to be a Norton user but we fell out :thumbsup:
