VIRUS, Restore to Factory, Format Disk - HELP

Desktop

Desktop
Desktop computer Forums (Audio, General Hardware, Video)

VIRUS, Restore to Factory, Format Disk - HELP

  • When I purchased my Dell Dimension 5150 it did not come with any CD's rather instructed me to do a CNTL + F11 if I ever had to restore.

     

    I recently got a virus (XP Antivirus 2008) virus that placed a trojan on my pc.  I bought Spyhunter and it could not clean it.  Also the virus changed desktop screens and would not allow me to do a normal shutdown.

     

    So my only option looks like to Format and Reinstall.

     

    I have backed up all my data, mail, favorites, etc.

     

    So I proceeded to do the Restore to Factory settings procedure. 

     

    In 2 separate calls to Dell, one tech rep assured me that a Format was done when I did a restore to factory settings although I did not get prompted for a format to take place and the restore to factory settings was completed in less than 5 minutes.  I as skeptical that the HD got formated.

     

    The second call to Dell, I asked "did it really format the HD" ?  The tech rep said no. I would have to format the disk, loose my (Dell hidden restore to Factory setting partition) and reinstall from CD's they would send to me for the Operating system and drivers for my PC sevice tag configuration.

     

    Here is my question for you good people to validate for me.   I believe I need to do a Format to get rid of that nasty virus, TRUE?

     

    Did the Restore to Factory settings do a Format?

     

    Is there any way to preserve the Restore to Factory settings partition if I do have to do a manual Format?

     

     

     

    thanks for your help

  • TSF-ZEO

    When the Dell PC Restore by Symantec feature is used, all the data on the C:/ partition is removed and it is returned to, as shipped condition.

    If you carry out a manual format and reinstallation of XP, the Dell PC Restore by Symantec feature becomes unusable, see here

    Dell Customers can request a set of backup discs containing the factory-installed operating system as well as the device drivers and utilities specific to your system from here.

    Bev.


    ===================================================
    Please don't send me questions about your system by DCF Messenger.
    Post the issue in the appropriate Board, where they will be answered.

     

    If my answer was helpful, please use the 'Did this answer the question' and click: Yes
    Forum Member since 2001
    I am not employed by Dell

  • Hi Bev

     

    thanks for the info.

     

    would you say that my C drive is then "formatted" and the virus is gone?

     

    is it safe to continue loading software or do I run the risk of having this virus pop back up unless I do the manual Fdsk and CD's installs?

     

    thanks,

  • TSF-ZEO

    Hi.

    Yes, I would. All the data, including the virus is erased, from the C:/ partition, when the Dell PC Restore is used.

    Remember to make certain that your Anti-Virus software is loaded and the definitions updated to the latest version.

    Bev.


    ===================================================
    Please don't send me questions about your system by DCF Messenger.
    Post the issue in the appropriate Board, where they will be answered.

     

    If my answer was helpful, please use the 'Did this answer the question' and click: Yes
    Forum Member since 2001
    I am not employed by Dell

  • Hi Bev and All,

     

    Sorry to say doing a restore to system factory settings does not do a format of the C drive and if you have a nasty virus it will remain on the hard drive and resurface.  The only real clean way to do this is to get the set of CD's from Dell for you order if they were not sent originally and to do a hard FORMAT of the C drive removing all the partitions set on the computer.  This will eliminate the recovery feature to being able to restore to factory setting but is the only way to get rid of the nastyest of viruses.

  • "Sorry to say doing a restore to system factory settings does not do a format of the C drive ..."

     

    Not true.

     

     

    "... and if you have a nasty virus it will remain on the hard drive and resurface."

     

    True if it's a boot sector virus.  Boot sector viruses do not live in a partition, so are immune to reformatting said partition.

     

     

    "The only real clean way to do this is to get the set of CD's from Dell for you order if they were not sent originally and to do a hard FORMAT of the C drive removing all the partitions set on the computer."

     

    Not true.

     

    Dell's PC-Restore will definitely remove any malware that got into the OS partition, including rootkits.  Guaranteed.  It will not remove a boot sector virus, as that is not part of the OS partition.

     

    Rewriting the MBR is a common method of removing a boot sector virus.

     

     

    Dan Goodell

    Inside the Dell PC-Restore Partition

     

     

     

  • Sorry to say doing a restore to system factory settings does not do a format of the C drive ..."

     

    Not true.

     

    I believe it is all it does marks pointers to start at new positions.  Which takes seconds.  To do a real format took about an hour and I believe what happens there is each sector is re-written and formatted.  So I guess my question is does it do a "pointer set format" versus a "clean re-write" format?

     

     

    "... and if you have a nasty virus it will remain on the hard drive and resurface."

     

    True if it's a boot sector virus.  Boot sector viruses do not live in a partition, so are immune to reformatting said partition.

     

    Must be this is what I had as it did not go away after system restore to factory settings.

     

     

    "The only real clean way to do this is to get the set of CD's from Dell for you order if they were not sent originally and to do a hard FORMAT of the C drive removing all the partitions set on the computer."

     

    Not true.

     

    Dell's PC-Restore will definitely remove any malware that got into the OS partition, including rootkits.  Guaranteed.  It will not remove a boot sector virus, as that is not part of the OS partition.

     

    Well, I went and had to do it the hard way.  It was better that way too, I was able to get rid of all the extra trial stuff that was loaded originally.

     

    Rewriting the MBR is a common method of removing a boot sector virus.

     

    And how is that done when the MBR is corrupted?

     

     

     

     

    Thanks for the response. 

  •  

     

    "To do a real format took about an hour and I believe what happens there is each sector is re-written and formatted.  So I guess my question is does it do a "pointer set format" versus a "clean re-write" format?"

     

    No such thing as a "real format" anymore--not in at least 15 years, when drives got larger than about 200 MB (0.2 GB) and MFM/RLL technology gave way to IDE.  Sectors are not user-formatted anymore, as that is done only at the factory.  What people today refer to as "formatting" is really just initializing one or another file system on preformatted sectors.

     

    Today's "quick format" initializes the partition boot sector, creates an index table (FAT, MFT, et al) and zeroes the table.  Today's "long format" does a quick format plus writes zeroes to each allocation unit.  (FTR, data space is accessed by allocation units or clusters, not by sectors.)

     

    A long format is totally superfluous, as nothing in the data space can live without an entry in the FAT/MFT.  While the actual 1's and 0's may survive a quick format, the file system completely disregards them.  It is totally irrelevant what 1's and 0's are in a sector if the FAT/MFT says it's free space.  Those 1's and 0's cannot magically reconstruct themselves into a file.

     

    You can learn more about disks, partitions, formats, and file systems from online references such as The PC Guide and others.


    The Dell PC-Restore does a Ghost image restore.  By it's very nature, an image restore involves the equivalent of a quick format.

     

     

    "And how is that done when the MBR is corrupted?"

     

    Lots of ways.  Boot recovery console from XP CD and issue "fixmbr" command.  Boot from Win98 boot floppy or CD and issue "fdisk /mbr" command.  Use my Dsrfix program to repair the MBR.  Or google for countless other MBR repair utilities, nearly all of which are equally competent for such an elementary task.