Sorry the news was not promising in your case.
If you're not sure how to reformat or need help with reformatting, please review:
These links include specific step-by-step instructions with screenshots:Vista users
can refer to these instructions:Windows 7 users
can refer to these instructions:
Don't forget you will have to go to Microsoft Update
and apply all Windows security patches after reformatting.Note: If you're using an IBM, Sony, HP, Compaq, Toshiba, Gateway or Dell machine, you may not have an original CD Disk. By policy Microsoft no longer allows OEM manufactures to include the original Windows XP CD-ROM on computers sold with Windows preinstalled. Instead, most computers manufactured and sold by OEM vendors come with a vendor-specific Recovery Disk or Recovery Partition for performing a clean "factory restore" that will reformat your hard drive, remove all data and restore the computer to the state it was in when you first purchased it. Also be sure to read Technology Advisory Recovery Media. If the recovery partition has become infected, you will need to contact the manufacturer, explain what happened and ask them to send full recovery disks to use instead. If you lost or misplaced your recover disks, again you can contact and advise the manufacturer. In many cases they will send replacements as part of their support.
If you have made a disk image
with an imaging tool
(i.e. Acronis True Image, Drive Image, Ghost, Macrium Reflect, etc.
your system was infected, then using it is another option. Disk Imaging allows you to take a complete snapshot
(image) of your hard disk which can be used for system recovery in case of a hard disk disaster or malware resistent to disinfection. The image is an exact, byte-by-byte copy of an entire hard drive (partition or logical disk) which can be used to restore your system at a later time to the exact same state the system was when you imaged the disk or partition. Essentially, it will restore the computer to the state it was in when the image was made
. You will then have to reinstall all programs that you added afterwards. This includes all security updates and patches from Microsoft.
If you need additional assistance with reformatting or partitioning if you decide to try that, you can start a new topic in the Operating Systems Subforums forum
: If you are considering backing up data and reformatting
or doing a factory restore with a vendor-specific Recovery Disk/Recovery Partition
due to malware infection, keep in mind with file infectors
, there is always a chance of backed up data reinfecting your system. If the data is that important to you, then you can try to salvage some of it but there is no guarantee
so be forewarned that you may have to start over again afterwards if reinfected by attempting to recover your data. Only back up your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to backup
any executable files (*.exe), screensavers (*.scr), dynamic link library (*.dll), autorun (*.ini) or script files (.php, .asp, .htm, .html, .xml) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding a file extension
or adding to the existing extension as shown here
(click Figure 1 to enlarge
) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions
. Then make sure you scan the backed up data with your anti-virus prior to
to copying it back to your hard drive.
If your CD/DVD drive is unusable, another word of caution if you are considering backing up to an external usb hard drive as your only alternative. External drives are more susceptible to infection and can become compromised in the process of backing up data
. I'm not saying you should not try using such devices but I want to make you aware of all your options and associated risks so you can make an informed decision if its worth that risk.
Again, do not back up any files with the following file extensions: exe, .scr, .dll, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.Important
: Since many file infectors are spread by using infected removable usb flash drives
and external drives, before starting the backup and restore process you should disable autorun
This type of infection usually involves malware that modifies/loads an autorun.inf
(text-based configuration) file into the root folder of all drives
(internal, external, removable) along with a malicious executable. When removable media is inserted (mounted), autorun looks for autorun.inf and automatically executes the malicious file to run silently on your computer.Keeping autorun enabled
on USB (pen, thumb, jump) and other removable drives has become a significant security risk
due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
Many security experts recommend you disable Autorun
as a method of prevention. Microsoft recommends doing the same
Microsoft Security Advisory (967940): Update for Windows Autorun
...Disabling Autorun functionality can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a CD-ROM device, USB device, network shares, or other media containing a file system with an Autorun.inf file...