Solved

Will reformatting your hard drive remove winproc32 virus???

Posted on 2004-03-31
10
435 Views
Last Modified: 2013-12-04
Will reformatting your hard drive (uninstalling and using the manufacturers restore cd) remove winproc32 virus?  The winproc 32 virus hijacks your default homepage and changes your default windows registry information.  I am not interested in downlaoding any software to fix the problem.  Will reformatting the hard-drive remove the virus and eliminate subsequent problems???

Thanks!

0
Comment
Question by:a2bc777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
10 Comments
 
LVL 20

Accepted Solution

by:
What90 earned 77 total points
ID: 10729464
Hi a2bc777,


Yes it will, but it an extreme way to go for a simple remove and clean up job. Most av or spyware removal tools will get the job done in a tiny amount of time compared to a full rebuild.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730013
Dont format your hard drive - Just unplugg your internetcable while you remove the CoolWebSearch Spyware

***quote***
CoolWebSearch.winproc32 hijacks your SearchUrl, Search Bar, Search Page, Home Page, Search Assistant, Default Page Url and Customized Search to 4-counter.com.

Classification
Adware

Files
WINPROC32.EXE

Vendor
CoolWebSearch.com

Privacy policy
No privacy policy available.

Detection
Bazooka Adware and Spyware Scanner detects CoolWebSearch.winproc32. Bazooka is freeware and detects spyware, adware, foistware, trojan horses, viruses, worms, etc. Read more »

Manual removal
Please follow the instructions below if you would like to remove CoolWebSearch.winproc32 manually. Please notice that you must follow the instructions very carefully and delete everything that is mentioned. In most cases the removal will fail if one single item is not deleted. If Bazooka still detects CoolWebSearch.winproc32 after stepping through the removal instructions, please double-check by stepping through them again.

Start your computer in safe mode.
Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)
Browse to the key:
'HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run'
In the right pane, delete the value called 'Windows Internet Protocol', if it exists.
Exit the registry editor.
Start Windows Explorer and delete:
%SystemDir%\WINPROC32.EXE
Note: %SystemDir% is a variable (?). By default, this is C:\Windows\System (Windows 95/98/Me), C:\WINNT\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
Restart your computer.
***end of quote***

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730031
>"Will reformatting the hard-drive remove the virus and eliminate subsequent problems???"
>"I am not interested in downlaoding any software to fix the problem"

Reformatting your harddrive will remove a lot of your problem, but not nescessary everything, because virus can be hidden i the boot-sector of your harddrive - forget all about reformatting !!

The above url tells you how to remove CoolWebSearch manually, but you have to find out if anything else is hidden on your hard drive, and to protect yourself in the future:

Get a firewall
Get an antivirusprogram
Get an antispywareprogram
0
Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

 
LVL 12

Expert Comment

by:trywaredk
ID: 10730032
Getting a personal Firewall
http://www.zensecurity.co.uk/default.asp?URL=personal

Download the free version of Sygate personal firewall
http://smb.sygate.com/support/documents/spf/default.htm
http://smb.sygate.com/download/download.php?pid=spf

Download the free version of ZoneAlarm firewall
http://www.zonelabs.com/store/content/company/zap_za_grid.jsp?lid=ho_za

Comparative reviews of personal firewall software:
http://www.firewallguide.com/software.htm 

Firewall Product Selector - Choose yourself which one to compare
http://www.spirit.com/cgi-new/report.pl?dbase=fw&function=view
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730035
Spybot:
http://security.kolla.de/index.php

Ad-aware Standard Edition is THE award winning, free*, multicomponent adware detection and removal utility:
http://www.lavasoft.de/software/adaware/

SpyFerret detects & removes spyware
http://www.onlinepcfix.com/spyware/spyware.htm

Bazooka Adware and Spyware Scanner v1.13.01
http://www.kephyr.com/spywarescanner/

Automatic check of your browser for parasites, adware and spyware
http://www.doxdesk.com/parasite/
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730038
Use this free online Trend Housecall scanner to find and clean every known virus/rootkits/backdoors:
http://housecall.trendmicro.com/housecall/start_corp.asp

Some viruses can't be removed by housecall. If so, use the free Trend Micro system cleaner:
http://www.trendmicro.com/download/tsc.asp

If you get's an ActiveX error, when loading the HouseCall web page:
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=4317

If you want to secure your one workstation in the future, consider to purchase PC-cillin with builtin firewall:
http://www.trendmicro.com/en/products/desktop/pc-cillin/evaluate/overview.htm
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10730042
:o) Forgot the url from the quotes above from 04/01/2004 09:02AM CEST ....

http://www.kephyr.com/spywarescanner/library/coolwebsearch.winproc32/index.phtml
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 10730101
Reformatting your hard drive using restore/boot disk will not necessarily remove every nasty thing that's out there.
Even fdisk/MBR will not work at all times - and there are possible concomitant problems with this.
A low-level format (using the manufacturer of the hard disk's utility) generally, will get rid of almost everything.
Oh, and by the way - the virus that you,re referring to is nothing more then apart of Cool-Web-Search, which is spyware,
 malware, garbageware - and it is removed by a free, unobtrusive, app. called CWShredder.
Interesting!?! 77!?!
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question