Solved

Will reformatting your hard drive remove winproc32 virus???

Posted on 2004-03-31
10
419 Views
Last Modified: 2013-12-04
Will reformatting your hard drive (uninstalling and using the manufacturers restore cd) remove winproc32 virus?  The winproc 32 virus hijacks your default homepage and changes your default windows registry information.  I am not interested in downlaoding any software to fix the problem.  Will reformatting the hard-drive remove the virus and eliminate subsequent problems???

Thanks!

0
Comment
Question by:a2bc777
  • 6
10 Comments
 
LVL 20

Accepted Solution

by:
What90 earned 77 total points
ID: 10729464
Hi a2bc777,


Yes it will, but it an extreme way to go for a simple remove and clean up job. Most av or spyware removal tools will get the job done in a tiny amount of time compared to a full rebuild.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730013
Dont format your hard drive - Just unplugg your internetcable while you remove the CoolWebSearch Spyware

***quote***
CoolWebSearch.winproc32 hijacks your SearchUrl, Search Bar, Search Page, Home Page, Search Assistant, Default Page Url and Customized Search to 4-counter.com.

Classification
Adware

Files
WINPROC32.EXE

Vendor
CoolWebSearch.com

Privacy policy
No privacy policy available.

Detection
Bazooka Adware and Spyware Scanner detects CoolWebSearch.winproc32. Bazooka is freeware and detects spyware, adware, foistware, trojan horses, viruses, worms, etc. Read more »

Manual removal
Please follow the instructions below if you would like to remove CoolWebSearch.winproc32 manually. Please notice that you must follow the instructions very carefully and delete everything that is mentioned. In most cases the removal will fail if one single item is not deleted. If Bazooka still detects CoolWebSearch.winproc32 after stepping through the removal instructions, please double-check by stepping through them again.

Start your computer in safe mode.
Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)
Browse to the key:
'HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run'
In the right pane, delete the value called 'Windows Internet Protocol', if it exists.
Exit the registry editor.
Start Windows Explorer and delete:
%SystemDir%\WINPROC32.EXE
Note: %SystemDir% is a variable (?). By default, this is C:\Windows\System (Windows 95/98/Me), C:\WINNT\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
Restart your computer.
***end of quote***

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730031
>"Will reformatting the hard-drive remove the virus and eliminate subsequent problems???"
>"I am not interested in downlaoding any software to fix the problem"

Reformatting your harddrive will remove a lot of your problem, but not nescessary everything, because virus can be hidden i the boot-sector of your harddrive - forget all about reformatting !!

The above url tells you how to remove CoolWebSearch manually, but you have to find out if anything else is hidden on your hard drive, and to protect yourself in the future:

Get a firewall
Get an antivirusprogram
Get an antispywareprogram
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730032
Getting a personal Firewall
http://www.zensecurity.co.uk/default.asp?URL=personal

Download the free version of Sygate personal firewall
http://smb.sygate.com/support/documents/spf/default.htm
http://smb.sygate.com/download/download.php?pid=spf

Download the free version of ZoneAlarm firewall
http://www.zonelabs.com/store/content/company/zap_za_grid.jsp?lid=ho_za

Comparative reviews of personal firewall software:
http://www.firewallguide.com/software.htm

Firewall Product Selector - Choose yourself which one to compare
http://www.spirit.com/cgi-new/report.pl?dbase=fw&function=view
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 12

Expert Comment

by:trywaredk
ID: 10730035
Spybot:
http://security.kolla.de/index.php

Ad-aware Standard Edition is THE award winning, free*, multicomponent adware detection and removal utility:
http://www.lavasoft.de/software/adaware/

SpyFerret detects & removes spyware
http://www.onlinepcfix.com/spyware/spyware.htm

Bazooka Adware and Spyware Scanner v1.13.01
http://www.kephyr.com/spywarescanner/

Automatic check of your browser for parasites, adware and spyware
http://www.doxdesk.com/parasite/
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730038
Use this free online Trend Housecall scanner to find and clean every known virus/rootkits/backdoors:
http://housecall.trendmicro.com/housecall/start_corp.asp

Some viruses can't be removed by housecall. If so, use the free Trend Micro system cleaner:
http://www.trendmicro.com/download/tsc.asp

If you get's an ActiveX error, when loading the HouseCall web page:
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=4317

If you want to secure your one workstation in the future, consider to purchase PC-cillin with builtin firewall:
http://www.trendmicro.com/en/products/desktop/pc-cillin/evaluate/overview.htm
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730042
:o) Forgot the url from the quotes above from 04/01/2004 09:02AM CEST ....

http://www.kephyr.com/spywarescanner/library/coolwebsearch.winproc32/index.phtml
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 10730101
Reformatting your hard drive using restore/boot disk will not necessarily remove every nasty thing that's out there.
Even fdisk/MBR will not work at all times - and there are possible concomitant problems with this.
A low-level format (using the manufacturer of the hard disk's utility) generally, will get rid of almost everything.
Oh, and by the way - the virus that you,re referring to is nothing more then apart of Cool-Web-Search, which is spyware,
 malware, garbageware - and it is removed by a free, unobtrusive, app. called CWShredder.
Interesting!?! 77!?!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now