Will reinstalling windows and deleting partitions and all my data remove a virus


5 replies to this topic

#1 Bobbyandco

Bobbyandco

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 18 May 2015 - 02:05 PM

I am considering doing this and I was just wondering would it remove a virus

Edit: Topic moved from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal


#2 shival

shival

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 18 May 2015 - 02:23 PM

For most viruses I would say - absolutely yes. Only a few really hardcore ones can survive a full disc format.



#3 Bobbyandco

Bobbyandco
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 18 May 2015 - 02:34 PM

OK, thanks for a speedy reply!



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:41 PM

Posted 18 May 2015 - 06:09 PM

A "factory restore (reset)" essentially reformats your hard drive, removes all data and restores the computer to the state it was in when you first purchased it. Most computers manufactured and sold by OEM vendors come with a vendor-specific Recovery Disk or Recovery Partition for performing a clean "factory restore". Some factory restore partitions/disks give you all the options of a full Microsoft Windows CD, but with better instructions and the convenience of having all the right hardware drivers. Others can do nothing except reformat your hard drive and restore it to the condition it was in when you bought the computer. Either way, you will need to reinstall any programs that did not come preinstalled with your computer and run Windows Update to redownload all critical patches.

With that said, infections and severity of damage will vary and there are some types of malware which may resist reformatting. For example, there are some infections (rootkits and bootkits) which can create a hidden partition table and alter (overwrite) the Master Boot Record (MBR) of the system drive to ensure persistent execution of malicious code and the MBR would need to be repaired. In these cases, FDISK or a similar software utility is typically used to delete the boot partition where the MBR is located and repartition/format a given volume...a separate function. If restoring a full hard drive image it will replace the MBR since hard drive imaging software also clones the MBR. Other types of malware can infect recovery partitions and even render them unusable. If the recovery partition has become infected, you will need to contact the computer manufacturer, explain what happened and ask them to send full recovery disks to use instead. If you lost or misplaced your recovery disks, again you can contact and advise the manufacturer. In many cases they will send replacements as part of their support or charge a small fee.

Researchers have demonstrated in a test environment proof-of-concept viruses that could modify the flash BIOS or install a rootkit on the BIOS of some systems so that it could survive hard disk wiping and reinfect a clean disk. This type of malware is very rare, exists primarily in-the-wild and is not generic...meaning it's vendor specific and cannot modify all types of BIOS.

This is a quote from my Security Colleague, Elise, who works with the Emsisoft Anti-Malware Research Team.

Firmware is typically a small piece of software coded directly into a device (for example a video card or DVD writer) necessary for the device to function correctly. This code is highly device-dependent, different manufacturers and different models all require specific firmware. For that reason a firmware infection is not only highly unlikely but also very impractical for a malware writer. Someone who wants to create a successful infection not only needs to make sure the malware stays on the system (by making it harder to detect and delete), but also that it is distributed on a large scale. Deploying a firmware rootkit on a large scale is close to impossible as you'd have to write a lot of different versions for different hardware models.


These articles explain the complexity of the UEFI (Unified Extensible Firmware Interface), secure boot protocol and exploitation. Fortunately, it's highly unlikely you will encounter a BIOS-level scenario as it is not practical for cyber-criminals to use such an exploit on a grand scale. Malware writers would much rather target a large audience through social engineering where they can use sophisticated but less technical means than a BIOS virus.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

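Added example, not part of the original posts: since formatting a volume and rewriting the MBR are separate functions, as post #4 notes, one way to check sector 0 is to compare it against a known-good copy saved earlier. The function names and the two sample sectors below are constructed for illustration; a real check would read the first 512 bytes of the disk or of a disk image.

```python
import hashlib
import struct

BOOT_CODE_LEN = 440    # bytes 0..439: boot code, the region a bootkit overwrites
TABLE_OFFSET = 446     # bytes 446..509: four 16-byte partition entries
SIGNATURE = b"\x55\xaa"  # bytes 510..511

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into a boot-code hash and its used partition entries."""
    if len(sector) != 512 or sector[510:512] != SIGNATURE:
        raise ValueError("not a valid 512-byte MBR sector")
    parts = []
    for i in range(4):
        entry = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0x00 marks an unused slot
            parts.append({"index": i, "bootable": entry[0] == 0x80,
                          "type": entry[4], "lba_start": lba_start, "sectors": count})
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": parts}

def compare_to_baseline(baseline: bytes, current: bytes) -> list:
    """Report boot-code changes and partition entries absent from the baseline."""
    old, new = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if old["boot_code_sha256"] != new["boot_code_sha256"]:
        findings.append("boot code changed")
    known = {(p["type"], p["lba_start"], p["sectors"]) for p in old["partitions"]}
    for p in new["partitions"]:
        if (p["type"], p["lba_start"], p["sectors"]) not in known:
            findings.append(f"new partition entry {p['index']} type 0x{p['type']:02x}")
    return findings

def build_sample(boot_code: bytes, entries: list) -> bytes:
    """Assemble a constructed MBR sector (sample data, not taken from a real disk)."""
    sector = bytearray(512)
    sector[:len(boot_code)] = boot_code
    for i, (status, ptype, lba, count) in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, TABLE_OFFSET + 16 * i, status, ptype, lba, count)
    sector[510:512] = SIGNATURE
    return bytes(sector)

# Constructed samples: same disk layout, then altered boot code plus an extra entry.
LAYOUT = [(0x80, 0x07, 2048, 204800), (0x00, 0x07, 206848, 976564224)]
BASELINE = build_sample(b"\xfa\x33\xc0" + b"\x90" * 20, LAYOUT)
CHANGED = build_sample(b"\xeb\x5a" + b"\x90" * 20, LAYOUT + [(0x00, 0x17, 976771072, 2048)])

if __name__ == "__main__":
    print(compare_to_baseline(BASELINE, CHANGED))
```
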

#5 Bobbyandco

Bobbyandco
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 19 May 2015 - 11:09 AM

http://www.pcworld.com/article/248995/how-to-install-windows-7-without-the-disc.html

 

If I used this plus included the Windows factory restore, will it get rid of the malware?



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:41 PM

Posted 19 May 2015 - 01:08 PM

First, I have no idea what type of malware infection you are actually dealing with.

Second, step 2 in that topic for downloading ISOs is no longer available.

Third, it is a rather drastic step to undertake when there is a possibility of cleaning the malware.

If you would like individual assistance with malware removal, please follow the instructions in the Malware Removal and Log Section Preparation Guide. When you have done that, start a new topic and post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.