You gotta be kidding me....BB says reformatting/reinstalling XP doesn' t remove virii and spyware

computerpro3

Senior member
Dec 19, 2003
658
0
76
Well to keep things short a family friend used the Best Buy Geek Squad to remove spyware/virii from their machine, and install windows xp. They did it without asking me first. Boy are they now regretting that .

So the guy removes all spyware and virii from their windows ME installation of windows, reboots, reformats the drive, and then installs XP. He's now charging them $160 for virii removal plus $99 for windows installation (originally $229, they pricematched me ).

So I call BB today and say how ridiculous it is to hit them for $160 for spywayre/virii removal and then promptly reformat the drive anyway. It wasted 5 hours and $160. The response the guy gives me is...are you ready for this....

"Reformatting the hard drive and installing windows, while removing some virii and spyware, does not remove all. Therefore both services had to be performed to meet your level of satisfaction that you expected".

Are you kidding me? How the hell did this guy get his job at the geek squad?

So fellow anandtechers, please give me some evidence that reformatting the entire hard drive gets rid of spyware and virii. Please.
 

michaelwan

Banned
Apr 29, 2004
10
0
0
This what I know:
Sometimes, reformatting the hard drive does not remove EVERYTHING. But, low-level formatting the hard drive will indeed remove everything. Nevertheless, doing both both services (spyware removal and then promptly reformatting HDD to install windows xp) sounds ridiculous to me.
 

Kilrsat

Golden Member
Jul 16, 2001
1,072
0
0
It is technically feasible for a virus to remain through a drive format. It does require the boot disk to be infected with the virus though. So if they created a boot disk from an infected OS install, then booted from that disk and reformatted the drive, there is the chance that the virus could have been transferred to the boot disk and then reinfected the machine once the format was finished.

Of course most modern viruses don't work this way, but a lot of the old school ones did.


*Edit*
Also the good old boot sector viruses wouldn't be removed by a simple format, unless they remembered to "fdisk /mbr" as well.
 

crimson117

Platinum Member
Aug 25, 2001
2,094
0
76
Originally posted by: computerpro3
Well to keep things short a family friend used the Best Buy Geek Squad to remove spyware/virii from their machine, and install windows xp. They did it without asking me first. Boy are they now regretting that .

So the guy removes all spyware and virii from their windows ME installation of windows, reboots, reformats the drive, and then installs XP. He's now charging them $160 for virii removal plus $99 for windows installation (originally $229, they pricematched me ).

So I call BB today and say how ridiculous it is to hit them for $160 for spywayre/virii removal and then promptly reformat the drive anyway. It wasted 5 hours and $160. The response the guy gives me is...are you ready for this....

"Reformatting the hard drive and installing windows, while removing some virii and spyware, does not remove all. Therefore both services had to be performed to meet your level of satisfaction that you expected".

Are you kidding me? How the hell did this guy get his job at the geek squad?

So fellow anandtechers, please give me some evidence that reformatting the entire hard drive gets rid of spyware and virii. Please.
If you need a good analogy, this is similar to taking out specific pages from a book, burning those pages, then burning the entire book. Why would you waste time removing the specific pages if you were just going to burn the whole book anyway?

NOTHING that spyware removal tools do would be missed by a reformat of the hard drive:

1. Ask him where the spyware is stored while the drive is reformatting.
- No, spyware does not hide in the BIOS. And he didn't reset the bios anyway.
2. Ask him if his spyware removal tools modify anything other than data on the hard drive.
3. Conclude that, since his spyware removal tools only change/remove data that's on the hard drive and reformatting the drive removes/erases/obliterates ALL data on the hard drive, he is full of $hit and he performed an unneccesary service.
4. Tell his manager that he is intentionally ripping you off and that you'll contact the BBB and the local Chamber of Commerce to report this fraudulent business practice.
5. Enjoy as your family friend takes you out for lunch in gratitude.
 

Appledrop

Platinum Member
Aug 25, 2004
2,340
0
0
Originally posted by: crimson117
Originally posted by: computerpro3
Well to keep things short a family friend used the Best Buy Geek Squad to remove spyware/virii from their machine, and install windows xp. They did it without asking me first. Boy are they now regretting that .

So the guy removes all spyware and virii from their windows ME installation of windows, reboots, reformats the drive, and then installs XP. He's now charging them $160 for virii removal plus $99 for windows installation (originally $229, they pricematched me ).

So I call BB today and say how ridiculous it is to hit them for $160 for spywayre/virii removal and then promptly reformat the drive anyway. It wasted 5 hours and $160. The response the guy gives me is...are you ready for this....

"Reformatting the hard drive and installing windows, while removing some virii and spyware, does not remove all. Therefore both services had to be performed to meet your level of satisfaction that you expected".

Are you kidding me? How the hell did this guy get his job at the geek squad?

So fellow anandtechers, please give me some evidence that reformatting the entire hard drive gets rid of spyware and virii. Please.
If you need a good analogy, this is similar to taking out specific pages from a book, burning those pages, then burning the entire book. Why would you waste time removing the specific pages if you were just going to burn the whole book anyway?

NOTHING that spyware removal tools do would be missed by a reformat of the hard drive:

1. Ask him where the spyware is stored while the drive is reformatting.
- No, spyware does not hide in the BIOS. And he didn't reset the bios anyway.
2. Ask him if his spyware removal tools modify anything other than data on the hard drive.
3. Conclude that, since his spyware removal tools only change/remove data that's on the hard drive and reformatting the drive removes/erases/obliterates ALL data on the hard drive, he is full of $hit and he performed an unneccesary service.
4. Tell his manager that he is intentionally ripping you off and that you'll contact the BBB and the local Chamber of Commerce to report this fraudulent business practice.
5. Enjoy as your family friend takes you out for lunch in gratitude.



DO THIS.
 

wfbberzerker

Lifer
Apr 12, 2001
10,423
0
0
Originally posted by: zephyrprime
A boot sector virus could survive a reinstall.

yes, but i guarantee you he wasnt checking for boot sector viruses during the "spyware/virus" removal.
 

moonsite

Senior member
May 17, 2003
692
1
76
If I was the technician, I would do a fdisk /mbr just to make sure it's clean, especially since I reformat already. Just to show that, the technician doesn't know what he is doing.
 

jpeyton

Moderator in SFF, Notebooks, Pre-Built/Barebones
Moderator
Aug 23, 2003
25,375
142
116
I do spyware removals on the side, and I charge about $25/hr.

Geek squad sucks donkey nads.
 

joecool

Platinum Member
Apr 2, 2001
2,934
2
81
Originally posted by: wfbberzerker
Originally posted by: zephyrprime
A boot sector virus could survive a reinstall.

yes, but i guarantee you he wasnt checking for boot sector viruses during the "spyware/virus" removal.

what he said ...

besides the boot sector (and i've never heard of spyware infecting the boot sector!), the only place anything could survive would be ON ANOTHER PARTITION OR DRIVE!!! and since you don't mention extra drives or partitions i'm guessing there weren't any. and since bb geek squad ain't that bright anyway i'd bet that even if you DID have other data storage they wouldn't have even scanned it.

do steps 1-5 above and enjoy!!!
 

Krk3561

Diamond Member
Jun 12, 2002
3,242
0
0
Damn, where are all there stupid people willing to spend that much to get their computer fixed! I'll charge 1/8 that!
 

CaptnCarnage

Member
Mar 24, 2004
101
0
0
A fdisk then a low level format would kill any virus especially if the reinstall after the fdisk and Format was a different os like XP which would use NTFS over fat32. They just bilked your boy for a good chunk of change. Hope he learned his leason
 

Kilrsat

Golden Member
Jul 16, 2001
1,072
0
0
Originally posted by: CaptnCarnage
A fdisk then a low level format would kill any virus especially if the reinstall after the fdisk and Format was a different os like XP which would use NTFS over fat32. They just bilked your boy for a good chunk of change. Hope he learned his leason

That is not completely accurate.
If the boot media/device is infected with a good old school TSR virus, it can completely exist in memory after booting. Thus you can format the drive all you want and it still maintains the ability to reinfect afterward. Of course with the modern os install cds that are bootable and take care of their own formatting, the risk of infected boot media is nil.

However those same modern utilities would not do an fdisk /mbr which is required to get rid of a boot sector virus. This means that the ideal way to safely clean the system would be to use a known clean read only boot media and manually run the fdisk and format operation, then boot from your os install cd and continue on with the install.

You need to remember that back in the day the goal of the virus wasn't to mass-mail itself, it was to load itself into memory and get into the boot sector of any disk inserted into the system. This insured that the virus could always be executing and that it had the highest chance of being passed onto another victim.

If their standard OS reinstall operation does not include the manual fdisk & format operation from known good media prior too booting from the OS install media, then there could still be a boot sector virus present. The only real way to find out if what they did was completely useless is to ask exactly how they performed the removal. Yes $160 is excessive for the operation when all that is needed is the fdisk/format combo prior to the reinstall, but if you asked for the service they may have delivered a useful item.
 

JonathanYoung

Senior member
Aug 15, 2003
379
0
71
FVCK Best Buy.

One time I went to Best Buy to do a pricematch, and when I explained to the little teeny bopper working there what I wanted to do (basically explain their own policy to her), here's what she said:

"You just told me your whole scheme."

No more chances for Best Buy, EVER.

To keep on topic, I think that nowadays (2004) a reformat will pretty much take care of any and all virii and spyware, unlike back in the day when I thought I had a clean boot disk for my 386 and I kept re-infecting myself.
 

sunase

Senior member
Nov 28, 2002
551
0
0
>So the guy removes all spyware and virii from their windows ME
>installation of windows, reboots, reformats the drive, and then installs XP.

Well I would expect the store also transferred files and settings from the old installation at some point (it wasn't brought in for a reformat, so how would the customers know to get their data off?). If there really was a full reformat preventing an upgrade install then this would have been done by some automated utility afterwards. Now there are plenty of ways to pickup unwanted hitchhikers under this situation, like dangerious .exe and .doc files in the document folders getting copied over, maybe a favorite/bookmark that goes to one of the spyware installing sites, virus infected files, etc.

Another justification could be if there were multiple hard drives, some left unformated with dangerous files on them. In fact the store's polices could be written with this in mind even if it doesn't apply in this case. If none of the above applies and the store just returned a brand spanking new installation without anything from the old, then I guess I agree with you with (with the caveat of the already mentioned about boot sector virus).

>but i guarantee you he wasnt checking for boot sector viruses during the "spyware/virus" removal.

Why do you think whatever anti-virus tool they use wouldn't check for those? Spyware tools I could see, but a decent virus checker definately will. Like was said anyway, however, you can replace the mbr which should be done with a format done for the reasons it was done.