klikr 07. Apr 2010 07:42 AM

Reformatting to remove malware - what's best?

In the past I have done full reinstalls of Windows to be sure of removing malware. I had been informed that this would be a sure way to remove all infections. But since then I have seen opinions that say to be really sure you first need to wipe the hard drive with a program like Darik's Boot and Nuke. I have even seen people that say to be 100% sure of a clean computer you need to install a new hard drive.

If anyone knows how far I need to go to be certain of removing all infections I would appreciate any help.

Also, I saw an article at Wikipedia about a BIOS virus, I assume a reinstall would have no effect on this, again any help would be great.


Anupam 07. Apr 2010 08:26 AM

Normally, if you have had some tough-to-remove malware on your system, then it would go away with a format and reinstall of Windows. But, if you get a rootkit infection, then that can be hard to remove. I don't know how the rootkit survives the formatting, but I have read that even after a format, the infection can be there... so in case of a rootkit infection, you can choose to wipe the disk. I don't think it's required in cases of other kinds of infection. I am not an expert however, and someone with more knowledge than me will be able to tell you better.

Yes, there are BIOS viruses too, and these won't go away with a reformat and reinstall. For these, I think you can remove them with an antivirus rescue CD, which has got such capability to remove boot viruses. I don't know names of any such CD which might have this feature though.

freedog96150 07. Apr 2010 09:00 AM

I have crossed paths a few times (only 5 so far) with boot sector virus infections. I would never classify myself as an expert with so few disinfections to my name. I can tell you this - they were horrible.

No amount of deleting partitions and re-creating and then re-formatting would remove those infections. I finally resorted to DBAN (Darik's Boot and Nuke) to completely wipe the hard disk and its Boot Records. After repartitioning, re-formatting and reinstalling Windows, all was back to normal.

It was not until I was testing software programs for my category, Best Free Partition Manager, that I realized that several of our recommended partition management packages include the functionality to work with the MBR (Master Boot Record). I have added this function to my queue for the next round of tests.

As to BIOS virus, that sounds even uglier than boot sector virus. I hope that in those cases the computer in question is one of the big name brands that offer their BIOS upgrades for download over the web. Then it may be a simple matter of flashing a new BIOS to the computer and reloading your software.
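Why deleting, re-creating and re-formatting partitions can leave a boot sector infection in place while a full wipe does not, as an added example that is not part of any post in this thread: in the classic MBR layout the bootstrap code (bytes 0-445) is separate from the partition table (bytes 446-509), so partition edits do not rewrite it. The sector contents and helper names below are constructed for illustration.

```python
import hashlib
import struct

BOOT_CODE_END = 446        # bytes 0..445 hold the bootstrap code
SIGNATURE = b"\x55\xaa"    # bytes 510..511 mark a valid MBR


def parse_mbr(sector):
    """Split a 512-byte MBR into boot-code hash, partition list and signature."""
    if len(sector) != 512:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):     # four 16-byte partition entries
        raw = sector[446 + 16 * i: 462 + 16 * i]
        lba_start, count = struct.unpack_from("<II", raw, 8)
        if raw[4] != 0:    # partition type 0 means the slot is unused
            partitions.append({"bootable": raw[0] == 0x80, "type": raw[4],
                               "lba_start": lba_start, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
            "partitions": partitions,
            "signature_ok": sector[510:] == SIGNATURE}


def make_entry(bootable, ptype, lba_start, sectors):
    """Build one partition entry (legacy CHS fields left as zero)."""
    return struct.pack("<B3sB3sII", 0x80 if bootable else 0, b"\0" * 3,
                       ptype, b"\0" * 3, lba_start, sectors)


def build_sector(boot_code, entries):
    """Assemble boot code + partition table + signature into one sector."""
    table = b"".join(entries).ljust(64, b"\0")
    return boot_code.ljust(BOOT_CODE_END, b"\0") + table + SIGNATURE


def boot_code_changed(before, after):
    """True if the bootstrap code area differs between two sector images."""
    return parse_mbr(before)["boot_code_sha256"] != parse_mbr(after)["boot_code_sha256"]


# Constructed sample data: placeholder bytes stand in for whatever boot code is on disk.
BOOT_CODE = b"CONSTRUCTED-BOOT-CODE"
ORIGINAL = build_sector(BOOT_CODE, [make_entry(True, 0x07, 2048, 204800)])
# Repartitioning rewrites only the table entries; the boot code bytes stay.
REPARTITIONED = build_sector(BOOT_CODE, [make_entry(True, 0x07, 2048, 102400),
                                         make_entry(False, 0x07, 104448, 102400)])
WIPED = bytes(512)         # a full-disk wipe zeroes sector 0 as well

if __name__ == "__main__":
    print("changed by repartition:", boot_code_changed(ORIGINAL, REPARTITIONED))
    print("changed by wipe:", boot_code_changed(ORIGINAL, WIPED))
```

Comparing the boot-code hash of a sector image taken from clean boot media against a known-good value for the installed loader is the same check applied to a real disk.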

Anupam 07. Apr 2010 09:15 AM

Oops!! Seems like I got confused between boot sector virus, and BIOS virus. Thanks to freedog's post, I got reminded of it.

Boot sector virus can be removed by using an antivirus rescue CD... BIOS virus cannot be removed by that. As freedog says, BIOS virus can only be removed by flashing of the BIOS... and that can be a risky task.

Here is an article I found for BIOS virus:

As the article says, BIOS viruses are very rare.

Boot sector virus may or may not get removed by formatting. For that, wiping the disk can be necessary. Also, as I said earlier, you can use an antivirus rescue CD.

klikr 07. Apr 2010 10:57 AM

Thanks for the help, I will keep looking into this issue and see what turns up.

MidnightCowboy 07. Apr 2010 11:08 AM

I'm not knowledgeable myself in this area either so am just repeating advice that my own tech has dished out to others. He quotes a blanket policy of saying that some infections can require a complete system rebuild so the easiest and cheapest option is to install Linux instead. He lives for Ubuntu which is why I guess such infected folks always end up with it! Presumably the logic here is that whatever it is can only run on a Windows platform but maybe someone here will say otherwise?

Av_Crazy 11. Apr 2010 02:34 PM

I heard of BIOS virus for the first time here...
and according to me it would be better to remove the infections with a trusted antivirus and by using rescue CDs like Anupam example Avira rescue CD
because some people just format the C drive...but the virus can be there in other drives ..and there may be chances you can't format your whole hard disk because lots of important data is there on your cleaning is better option...
I'm no expert in this field but I have cleaned many of my friends' PCs for infections

sometimes the infections are so severe that the PC doesn't even reach the desktop
so I use Avira rescue disk for preliminary cleaning and then use Panda Cloud for total removal of infections...among all the AVs I have used I found Panda Cloud most successful

