User profile for user: TheSunRaven
TheSunRaven Author
User level: Level 1
0 points

Re-installing Windows

A few weeks ago, I became aware that my windows xp partition is most likely infected with a nasty virus. I've been holding off on tackling the problem because I'm not sure how to go about wiping the partition and re-installing.

MacBook 13", Mac OS X (10.4.11)

Posted on May 3, 2009 11:55 AM

Reply
1 reply
User profile for user: The hatter
The hatter
User level: Level 9
61,031 points

May 3, 2009 12:00 PM in response to TheSunRaven

There are a number of programs for removing malware on Windows.

http://www.makeuseof.com/tag/best-programs-to-keep-your-computer-secure/

Of course keeping a system up to date on patches, using common sense and reliable protection.

Boot from your (their) OS X DVD; install or boot from an external drive with OS X on it (backup, emergency boot drive, etc). And make sure to have the latest OS X Security Update (patches ClamAV).

Go through 'cleaning' these steps:

1.Clear the (IE) temporary Internet files and the history cache.
Click 'Start' and then click 'Run'... then type (or copy/paste)
"inetcpl.cpl" (w/out quotation marks) into the box, then click the 'OK'
button.
In Internet Properties panel 'General' tab, under 'Browsing history', click
'Delete...'button, in 'Delete Browsing History' panel, click the 'Delete
all...' button then place a checkmark into the box beside 'Also delete
files and settings stored by add-ons', Click 'Yes' and exit the Internet
Properties panel by clicking the 'OK' button.

2.Clean HDD
Delete files using Disk Cleanup (if on Vista)
http://windowshelp.microsoft.com/Windows/en-US/help/1264bc24-72a8-48aa-84e3-a355 327139d91033.mspx

3.Download/execute:
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
and
SuperAntispyware - Free
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE

4.Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Please, do not post HJT logs to this newsgroup.
Fora where you can get expert advice for HiJack This! (HJT) logs.

http://www.thespykiller.co.uk/index.php?board=3.0
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.tomcoyote.org/index.php?showforum=27
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.theeldergeek.com/forum/index.php?s=2e9ea4e19d3289dd877ab75a8220bff6&s howforum=29

NOTE:
Registration is required in any of the above mentioned fora before posting
a HJT log and read the 'stickies' (instructions/guidelines) for the
respective HJT forum.

Additional information:
GMER - is an application that detects and removes rootkits.
http://www.gmer.net/index.php

For additional assistance in relation GMER scan results consult either
http://antirootkit.com/forums/index.php?sid=9e746bb696ac0bb38781ffe4361c3a17
--or--
http://www.thespykiller.co.uk/index.php?board=3.0

For Vista the most dependable defenses are:
1. Do not work in elevated level; Day-to-day work should be performed
while the User Account Control (UAC) is enabled.
User Account Control Step-by-Step Guide.
http://technet.microsoft.com/en-us/library/cc709691.aspx

Understanding and Configuring User Account Control in Windows Vista.
http://technet.microsoft.com/en-us/library/cc709628.aspx

2. Familiarize yourself with "Services Hardening in Windows Vista".
Services Hardening in Windows Vista
http://www.microsoft.com/technet/technetmag/issues/2007/01/SecurityWatch/
Educational reading:
10 Immutable Laws of Security
http://technet.microsoft.com/en-us/library/cc722487.aspx

3. Don't expose services to public networks.
Windows Vista Service Configurations Introduction
http://www.blackviper.com/WinVista/servicecfg.htm

4. Keep your operating (OS) system (and all software on it)
updated/patched. (Got SP1 yet?).
Windows update.
http://www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us
Secunia Personal Software Inspector
http://secunia.com/software_inspector
https://psi.secunia.com/
And
M/S Security Baseline Analyzer 2.0
http://www.microsoft.com/downloads/details.aspx?FamilyId=4B4ABA06-B5F9-4DAD-BE9D -7B51EC2E5AC9&displaylang=en
can assist also.

Why Service Packs are Better Than Patches.
http://www.microsoft.com/technet/archive/community/columns/security/essays/srvpa tch.mspx?mfr=true

5. Secure (Harden) Internet Explorer.
IE7 safe/secure settings
Internet Explorer7 Desktop Security Guide
http://www.microsoft.com/downloads/details.aspx?FamilyId=6AA4C1DA-6021-468E-A8CF -AF4AFE4C84B2&displaylang=en

Internet Explorer Enhanced Security Configuration changes the browsing
experience
http://support.microsoft.com/default.aspx?scid=kb;en-us;815141

The Internet Explorer 7 Security Status Bar
http://www.microsoft.com/windows/products/winfamily/ie/ev/security.mspx

Extended Validation SSL Certificates
http://www.microsoft.com/windows/products/winfamily/ie/ev/default.mspx

Note: Tight security settings will break down some websites. You need to
add these websites into the Trusted Zone for smooth access.

Add the following URL's to the Trusted sites:
http://update.microsoft.com
http://download.windowsupdate.com
https://*.update.microsoft.com
http://*.update.microsoft.com
http://*.microsoft.com

6. Review your installed 3rd party software applications/utilities;
Remove clutter, including 3rd party software personal firewall
application (PFW) - the one which claims:
"It can stop/control malicious outbound traffic".

7. Activate the build-in firewall and tack together its advanced
configuration settings.
Tap into the Vista firewall's advanced configuration features
http://articles.techrepublic.com.com/5100-10877-6098592.html
"...once you discover the secret of accessing its advanced configuration
settings via the MMC snap-in, you'll find it to be far more configurable
and functional. At last, Windows comes with a sophisticated personal
firewall that can be used to set up outbound rules as well as inbound, with
the ability to customize rules to fit your precise needs."
--Or--
Configure Vista Firewall to support outbound packet filtering
http://searchwindowssecurity.techtarget.com/tip/0,289483,sid45_gci1247138,00.htm l
--Or--
Vista Firewall Control (Free versions available)
http://sphinx-soft.com/Vista/

7a.If on high-speed Internet connection use a router.

7b.Implement countermeasures against DNSChanger.
http://extremesecurity.blogspot.com/2008/06/use-default-password-get-hijacked.ht ml

7c.Just in case, Wired Equivalent Privacy (WEP) has been
superseded by Wi-Fi Protected Access (WPA).

8. Utilize one (1) each 'real-time' anti-virus and anti-spy
application.

9. Employ vital operating system monitoring utilities/applications.
Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, Wireshark,
Port Reporter etc.

10.Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp

The least preferred defenses are:
Myriads of popular anti-whatever applications and staying ignorant.
Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Re-installing Windows

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up