Russ said:
I managed to pick up a nasty Cryptic trojan horse and all my attempts
to scan the drive with updated software have failed. I think this
thing has got my internet connx locked up pretty well. I figured I
would format my C drive after saving most of my data. Now when I give
the command to format via Win Explorer or My Computer, I get the
following msg:
Windows cannot format this drive. Quit any disk utilities or other
programs that are using this drive, and make sure that no window is
displaying the contents of the drive. Then try formatting again.
I tried to stop any programs using task manager, but then lost my
other icons so I could not start up Win Expl or My Computer. Any help
would be appreciated.
It's going to be pretty difficult, to format the partition that the
OS is currently running from. Is that what you're trying to do ?
If you want to erase the disk, you can use some other stand-alone tools
for that. DBAN from dban.org will erase an *entire* drive. You can also use
a Linux LiveCD and just erase the MBR sector, and that would
effectively destroy *all* partitions at the same time, on that
disk.
Before following any of that advice, what is your situation ?
Do you want to "format C:", while preserving D:, E: which are
still on the same physical disk ? That is a different issue,
than finding a way to erase the entire disk. If there is data
to be preserved, you'd have to be more selective in the tool
used.
But if the thing you're attempting to format, is the partition
you're booted from, I would expect the OS to complain about
that
Tools like GParted, can function like a standalone partitioning
tool. There is a LiveCD version available. I'm not completely
comfortable with this tool, due to some of the things it prints
in its status screen, but it is an alternative. Because it boots
its own OS, it isn't dependent on WinXP at all. It can handle
FAT32 or NTFS. I could probably manage to format a single
partition with this, using their LiveCD.
http://gparted.sourceforge.net/screenshots.php
*******
Also, just for fun, you can use an offline scanning tool, to avoid
the issue of the malware beating you. If you have a tool for
burning ISO9660 files to make a bootable CD (like Nero, Imgburn etc),
you can prepare a scanning CD with this file. When this CD boots
on your computer, it'll use DHCP to get an IP address from your
high speed ADSL or cable modem, then connect to Kaspersky and
get ~10MB of virus updates. (Make sure your high speed modem
is already running and logged in, because the scanning CD has
no browser for you to use, to control networking equipment. It
won't be able to get virus updates, unless it can reach the
Internet after it boots.)
Then, it will offer to scan your partitions. The drive lettering
shown in the menu, aren't real "drive letters". If you cannot figure
out which partition is C:, just tick all of them. (Unplugging any
extraneous data disks, before booting this CD, will cut down on
the amount of stuff you'd need to scan.)
http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk10/
I've tested that tool, and it detects the "EICAR test file" I
copied to C:, but since I don't have any real malware on here
(at least, none I'm aware of), I haven't had a chance to see
how it responds to a real threat. The advantage of the offline
scanning tool, is WinXP is not running at the time, so the
malware cannot upset operation of any tools as a result. The
above CD might use Linux Gentoo as the boot OS, and that is
what is running while the scan is taking place.
http://en.wikipedia.org/wiki/EICAR_test_file
One danger with such scanning tools, is what happens when the
tool "quarantines" a virus file. In some cases, tools like this
have been known to move the file to a RAM disk the Linux OS is using.
And then, when you reboot the computer, the quarantine folder is
lost. That can be an issue, if later you need to restore a
file that should not have been quarantined in the first place.
Paul