Reformatting advice.

Thanks again for the replies.

One last question, with reformatting, how big would you suggest my Windows partition be?
 
That is a good question and it depends on if you are using a Solid State Drive or not. SSD will make your setup seem a lot faster and since they are expensive, partitions on those tend to be smaller than on mechanical hard drives.

But +/- 30 GB should be plenty if instead of to C:\Program Files, you install large applications to E:\Program Files for example.
 
Thanks.

It's just a regular 500GB HDD, so the 30GB should be enough; I think. Might shoot ~40-50GB, just in case. I don't use up too much space anyway seeing as it took me about 24 months since my last reformat to accumulate ~250GB. So I think I can be somewhat generous.

Currently running the laptop through safe mode, so hopefully the trojan doesn't execute itself and infect even more files. It doesn't seem to be the case anyway as recent scans haven't turned up any new instances of infected files and task manager isn't showing up any related processes.

Managed to reshuffle the portables, so I just had enough room on one of them to move the files I want. Waiting for the transferring was a bit of a pain in the arse, but nothing compared to the annoyance of this infection.

Downloaded Avast and scanned the files I've put on the portable, nothing has come up. Trying the same with Avira right now; if it's clean, I'll reformat, reinstall Avira and then transfer everything back. I don't think anything should turn up as the trojan apparently focuses on exe, dll and html files. The vast majority of the files are mp3s, videos, images and rars. There are probably a few exe files for drivers and such, but I don't think they've been infected. Not yet at least. Assuming the trojan isn't active in safe mode, they should be okay? MB hasn't brought up anything new either, but I'm sure it'd crop up again as soon as I boot up Windows proper.
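
The plan in the post above (scan the backup, reformat, copy everything back) depends on the executables in the backup being clean. As an added example that is not part of the original thread: a Python script that lists every file in a backup folder that a file infector targeting exe, dll and html files could have touched, including executables stored under another extension, with a SHA-256 for each so they can be re-scanned or replaced with fresh downloads. The `.htm` extension, the function names and the sample files are assumptions constructed for the example.

```python
import hashlib
import os
import tempfile

# Extensions the poster says the trojan targets; ".htm" is added as an assumption.
TARGET_EXTS = {".exe", ".dll", ".html", ".htm"}

def is_pe(path):
    """True if the file starts with the 'MZ' magic of a Windows executable."""
    with open(path, "rb") as fh:
        return fh.read(2) == b"MZ"

def sha256_of(path, chunk=1 << 20):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def triage(root):
    """Return (relative path, reason, sha256) for every file to re-scan or replace."""
    flagged = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            ext = os.path.splitext(name)[1].lower()
            try:
                reason = ("targeted extension" if ext in TARGET_EXTS else
                          "executable header under another extension" if is_pe(path) else None)
                if reason:
                    flagged.append((os.path.relpath(path, root), reason, sha256_of(path)))
            except OSError as err:  # unreadable files are reported, not silently skipped
                flagged.append((os.path.relpath(path, root), "unreadable: %s" % err, None))
    return sorted(flagged)

def build_sample(root):
    """Constructed sample backup: a driver installer, a web page, an mp3, a disguised exe."""
    samples = {"drivers/setup.exe": b"MZ\x90\x00demo", "site/index.html": b"<html></html>",
               "music/song.mp3": b"ID3\x03demo", "pics/holiday.jpg": b"MZ\x90\x00demo"}
    for rel, data in samples.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as backup:
        build_sample(backup)
        print(*triage(backup), sep="\n")
```

Point `triage()` at the root of the backup drive before copying anything back; the contents of rar archives are not inspected.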
 
You can set the OS partition to whatever you like, see the reasoning is, the smaller the partition - the quicker the imaging process and the smaller the drive image file sizes.


So this is a one hard drive laptop? Well, I would still partition the drive, do a clean install, set things just the way you like them and then image the OS partition. You can save the image files on your hard drive then just reimage the OS partition whenever you have a problem and things will return to the state they were in when you made the image.

Or if you're low on space, image to/from an external drive.

For reference, I have only a 60 GB SSD and my Windows 7 is 25 GB (which fits on 8.5 GB drive image files) and Windows XP 18 GB (which fits on 5.7 GB drive image files.) Of course I have system restore and hibernation disabled to make images smaller.
 
After you do a clean install, set Avira properly and you should be protected.

Allow the configuration wizard to keep the default extended threat categories. [Do not Select All.]
(UNCHECK: Application (APPL), Games, Jokes, Security privacy risk, and Unusual runtime compression.)



Subscription to new virus definitions for this program is renewed automatically through product updates. It is not renewed through virus definition updates. If product updates are disabled in order to prevent installation of a newer version of the program, download the latest key file from

http://dl2.avgate.net/down/windows/hbedv.key

and either copy it to
C:\Program Files\Avira\AntiVir Desktop
and restart or go to Help > License management > click on the blue hbedv.key link > browse to the new downloaded hbedv.key > Open.


Options:
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe

> Configuration (Right middle part of the window) > CHECK: Expert mode (upper left) > UNCHECK: Follow symbolic links (middle right)
> Scanner > Scan > Action for concerning files

Optionally disable being notified every time USB drive has an AUTORUN.INF file:
Guard > Scan > Action on detection > UNCHECK: Block autostart function

For older/slower systems: Guard > Scan > Heuristic > UNCHECK everything

> General > Security > UNCHECK: Show notice if the virus definition file is out of date
then



To disable Notifier nag screen: Windows 2000/XP Control Panel > Administrative Tools [in Windows 7, click on System and Security first] > Local Security Policy > Right click on Software Restriction Policies > Create New Policies > Right click on Additional Rules > New Path Rule... > Browse... to the path of avnotify.exe default is
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
> Set the security level to Disallowed > OK



For Windows XP Home you would need to boot into safe mode and log in as Administrator, then
go to
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
and right click on it >
Properties > Security > Advanced > Edit > Select options not to let it execute for all users.

This also works for Windows 2000.



Turn off notification pop-ups after Antivir updates itself:
Administration (lower left) > Scheduler > Right-click on Daily Update > Edit job > Next > Next > Next > under Display mode, select Invisible > Finish.
 
Okay.

One last thing before I do the reformat. What imager are you using and do you just use Avira? Or are you also using stuff like MalBytes, Spybot, etc. (I assume not so that they don't clash?)

I always feel like a bit of an idiot asking questions like this, but it's been so long since I've bothered keeping my working knowledge of computers to date that everything that would have been second nature to me 5-6 years ago is pretty much alien now, save for a few bits and pieces here and there.
 
Here's what I do with files needing execution. Autoruns, delete, reboot. If that don't work and you can't find a working backup image then just format. If you had a decent firewall like privacyware's it would have caught it. AV is like the tail wagging the dog. A good fw is your first line of defense. Avira is what you will need after the fact. As for 'imaging', the std quick option kills everything.
 
Chances are that Avira would have caught what he has and he would have therefore saved himself hours & hours of time. So having it installed is not a bad idea.

Generally it is not a good idea to have multiple antivirus programs installed however. I personally only have Avira installed alongside Comodo Firewall (not Comodo Firewall + Antivirus, just Comodo Firewall) http://personalfirewall.comodo.com/free-download.html
It will intercept anything that tries to phone home. Windows Firewall does not do that (!) and is therefore imho useless because Windows Firewall only monitors incoming and not outgoing data. Comodo Firewall will intercept the outgoing phone home attempts.


I always feel like a bit of an idiot asking questions like this, but it's been so long since I've bothered keeping my working knowledge of computers to date that everything that would have been second nature to me 5-6 years ago is pretty much alien now, save for a few bits and pieces here and there.

The people making mistakes are the people not asking questions. Hopefully through trial & error, you'll figure all this out and down the road save yourself days of frustration having to worry about yet another reinstall.



Here's how I install Comodo Firewall by the way:

Double click on Setup.exe to install the program > OK > UNCHECK everything.
Do not change DNS servers. Do not enable Cloud Based Behavior Analysis.

CLICK ON CUSTOMIZE INSTALLER here.

UNCHECK: Install COMODO GeekBuddy > Back > Agree and Install


First import any saved configurations if you have them:
Right click on the Comodo icon in the task bar Right click More... > Configuration > Manage My Configurations > Import...

Then click on the imported configuration > Activate


Otherwise, set your custom configuration:

Right click on the Comodo icon in the task bar > Firewall security Level > Custom Policy Mode.

Start the program > More... > Preferences > General TAB > Update setting

More... > Manage my configurations to Import/Export settings
(select COMODO Firewall Security for Blocked/Trusted programs)

Give a unique name to newly imported settings, then after importing go to
Miscellaneous > Manage my configurations > Click on the unique name > Activate


Firewall > Common Tasks > Define any New Trusted/Blocked Applications
Firewall > Advanced > Firewall Behavior Settings > Alert Settings > Very Low (Shows only one alert per application) > Apply

To view a list of blocked/trusted applications: Firewall > Advanced > Network Security Policy
 
For drive imaging, Norton Ghost is one option but I think Windows 7 itself has a drive imaging option plus there are many others. The only thing to remember is not to use old software for either partitioning or drive imaging.

New hard drive sizes and new chipsets require updates only available on new software.
 
Well, I'm all done and reformatted.

Got a 45GB partition for system files and small programs and a 420GB partition for everything else.

Just had to uninstall Comodo and Avira to allow me to reinstall Alcohol 120%, which was a bit of a pain in the backside. The restrictions and dancing about are probably the main reasons I seldom use AV programs. But it's worth it if I don't have to go through the hassle again... Otherwise things are going okay.

I'm sure I've forgotten to import a few things here and there, but I'll just live with it. I know I'm missing a load of fonts, so when I get around to reinstalling Photoshop, a lot of my files are going to get converted. Most things are okay though.

That's the main reason I'm not a huge fan of reformatting, losing stuff (since I'm a hoarder). But hopefully, I'm in a better position now for the future.

Thanks for all the help, guys.
 