Will an OS reinstall wipe over a trojan/virus attack?

Discussion in 'Security and Anti-Virus Software' started by Simic, Dec 23, 2009.

Thread Status:
Not open for further replies.
  1. Simic

    Simic Notebook Consultant

    Reputations:
    0
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    30
    Yesterday my computer was attacked, from what I can tell, by richtx64.exe and wscsvc32.exe. Whatever it was, I can no longer launch or run Avira or run any other antivirus or malware programs...they simply won't run. Error boxes continue to pop up on my screen.

    So I've decided to just re-install Windows XP SP2. I have a few questions:

    1) Will this be sufficient to clean out my computer? Is there any way the viruses would somehow re-appear or survive of fresh re-install?

    2) Do I need to do anything special/unusual in my re-installation? As you can tell, I'm not a terribly advanced user, and i will probably just follow some online step-by-step guide for my reinstallation.

    3) I've transferred all my "My Documents" folders (music, word files, etc) to an external HD. From what I understand, these files should be clean. Is this a foolish assumption? If so, what can I do to preserve my files or at least clean them?
     
  2. taj619

    taj619 Notebook Consultant

    Reputations:
    6
    Messages:
    150
    Likes Received:
    0
    Trophy Points:
    30
    well a reinstall will clear them but if they are attached to or in any of the folders in ur saved documents in the external hard disk they can again effect ur system so after fresh install just scan ur external hard disk files so taht if there are any threats they can be removed permanently
     
  3. $immond$

    $immond$ Notebook Consultant

    Reputations:
    257
    Messages:
    279
    Likes Received:
    0
    Trophy Points:
    30
    Id suggest doing a proper delete of your hard drive using DBAN or Killdisk. After which any documents you backed up Id suggest scanning with Kaspersky or Bitdefender. Free anti-viruses dont cut it when dealing with serious infections.
     
  4. DetlevCM

    DetlevCM Notebook Nobel Laureate

    Reputations:
    4,842
    Messages:
    8,392
    Likes Received:
    1
    Trophy Points:
    205
    Assuming your format during you reinstal that should be enough - no need for somethign liek DBAN or killdisk.
    Maybe use a full format instead of a quick one though - a quick format only deletes the master file table.

    And taj619 is right - a reinstal will only help if the files are clean.

    Free antiviruses can be very good - try Microsoft Security Essentials.
    For on demand - Malwarebytes (which you can run in parallel as long as its on demand only)

    KIS in the current version sadly has a rather noticeable performance hit...
     
  5. surfasb

    surfasb Titles Shmm-itles

    Reputations:
    2,637
    Messages:
    6,370
    Likes Received:
    0
    Trophy Points:
    205
    Without user interaction, it would be impossible for a virus/malware to reappear. It sounds like you got the malware from a malicious link. Just make sure not to navigate to said link again or install any third party programs from companies you are unfamiliar with.

    While you can just install the OS right over the old one, it will be easier in your case to just wipe the old partition. It looks like you've already backed up your old files.


    Document files, Music, picture and video files are more or less very difficult to infect and spread malware through these types of files.

    At least scan your files with a trusted scanner, like an online scanner.
     
  6. $immond$

    $immond$ Notebook Consultant

    Reputations:
    257
    Messages:
    279
    Likes Received:
    0
    Trophy Points:
    30
    Kapersky anti-virus doesn't use much of my resources and vista and win 7 don't have the option for a thorough deletion/wipe hence why I use dban or killdisk.
     
  7. Baserk

    Baserk Notebook user

    Reputations:
    2,503
    Messages:
    1,794
    Likes Received:
    1
    Trophy Points:
    56
    DetlevCM was talking about KIS, not KAV.
    Reinstalling from CD/DVD always gives you the option to do a complete wipe in the form of a full format.
    For a reinstallation, a KillDisk/DBAN wipe isn't necessary.
    Only perhaps if you want to sell the notebook/HDD with a fresh install.
     
  8. Partizan

    Partizan Notebook Deity

    Reputations:
    241
    Messages:
    1,697
    Likes Received:
    0
    Trophy Points:
    55
    Can't the entire 'cleaning your hard drive proces' be avoided if you just buy a decent anti virus? My kaspersky anti virus blocks tons of trojans. Previously I had bitdefender, which totaly killed my desktop (it had a trojan, bitdefender blocked it, and in return the trojan blockt my computer lolz, so in that case I prefer northon which just leaves the trojans so they won't freez your pc permanantly).
     
  9. DetlevCM

    DetlevCM Notebook Nobel Laureate

    Reputations:
    4,842
    Messages:
    8,392
    Likes Received:
    1
    Trophy Points:
    205
    Baserk is right - I am talking about KIS - Kaspersky Internet Security.

    And performnce hit - log in is delayed by at least 10 seconds (after you put in you password) and programme startup is delayed - now this isn't too noticeable on a HDD but very noticeable on a SS where I click and nothing happens...
     
  10. StormEffect

    StormEffect Lazer. *pew pew*

    Reputations:
    613
    Messages:
    2,278
    Likes Received:
    0
    Trophy Points:
    55
    Free alternatives are often more useful to me than paid suites.

    At the IT Center I work at, we follow a simple regiment to clear our infected systems (where we can't convince the customer to reformat and reinstall).

    1. Remove previous (usually nonfunctional or expired) AV solutions if possible.

    2. Run ComboFix from BleepingComputer.

    3. Run MalwareBytes Free Anti Malware Full Scan (use google)

    4. Run HijackThis! and paste log file output into this site for info on what to clean.

    5. Install and run a full scan with Microsoft Security Essentials.

    6. If the infection remains, uninstall MSE and try Panda AV or alternatives.

    7. If none of that works, attempt manual removal from registry or system32.

    Post Clean-up Steps:

    1. Uninstall plethora of installed AV apps we just used (although we make sure not to have multiple On Access scanners installed concurrently).

    2. Often need to run an sfc /scannow (a system file check, runs most effectively on Vista/7, XP requires install media and works rarely in my experience) because the system has been broken in some way.

    3. Remove ancient Adobe Reader and Flash installations.

    4. Install updated versions of said programs using ninite.com.

    5. Install all Windows Updates.

    6. Install our paid AV enterprise suite and set up automated scanning and updating, even though I dislike it.

    7. Hope that you didn't forget anything and then tell the customer to keep flash and adobe updated.

    Sometimes these steps get out of order for one reason or another, but this is the gist of it, and 80% of the time it works.
     
Loading...
Thread Status:
Not open for further replies.

Share This Page