Stoic Sentinel
New Member
Can a virus stay embedded to a hard drive even after reformatting?
Virus Stuck on HDD?
- Thread starter Stoic Sentinel
- Start date
Stoic Sentinel
New Member
Lolz, alright, it's just that after a reformat, my OS stayed all weird...
Stoic Sentinel
New Member
Full Restore (Destructive) and before you answer that, can you by any chance recommend a good anti-virus? I'm currently using CA, but I'm seriously doubting it's reliability. I don't care if I have to buy it, just so long as it's under $35-40. 
Bodaggit23
Active Member
NOD32 is the best and lightest I've used, besides Microsoft Security Essentials, but that's not out yet.
Can a virus survive a plain format? It depends on the situation and what virus it is. A format only touches the content of the partition that is formatted. A virus can have placed itself outside of it with a link to the MBR.
If you format while a virus is resident in memory, it can copy itself back to the harddrive. Etc.
If you format while a virus is resident in memory, it can copy itself back to the harddrive. Etc.
Once the computer is turned off the memory is dumped. So if he boots into the recovery partitions or boots to an install cd how is a virus going to get back on the hard drive?
kimsland
New Member
The only clean install is by removing the Partition(s)
It is highly recommended to always remove the Partition(s) in favour (or addition) to a format
Also note that free Avira Antivirus is an excellent Antivirus and been world renowned on its ability. Many tech sites even state that it is the No.1 Antivirus software, not only that but I use it
It is highly recommended to always remove the Partition(s) in favour (or addition) to a format
Also note that free Avira Antivirus is an excellent Antivirus and been world renowned on its ability. Many tech sites even state that it is the No.1 Antivirus software, not only that but I use it
That alone will not remove a MBR virus.
kimsland
New Member
A new HardDrive does not have a partition either
I understand you are suggesting that removing the partition is in actual fact recoverable again
But if that's the case then if its not wiped up to 7 times then really anything is recoverable including viruses
The only clean install is by removing the partition(s) and that is what is meant by a clean install
To go any cleaner, you'd need a new (unpartitioned) drive
I understand you are suggesting that removing the partition is in actual fact recoverable again
But if that's the case then if its not wiped up to 7 times then really anything is recoverable including viruses
The only clean install is by removing the partition(s) and that is what is meant by a clean install
To go any cleaner, you'd need a new (unpartitioned) drive
Huh? Did I say anything about a new harddrive? I said: when you remove a partition, you just make a modification to a small table in the MBR. That will not remove such a virus as we are talking about.
If you were to overwrite every possible addressable sector on the drive - then it would be gone. And one overwrite would be enough. The 7 passes you've heard about is science fiction.
If you were to overwrite every possible addressable sector on the drive - then it would be gone. And one overwrite would be enough. The 7 passes you've heard about is science fiction.
kimsland
New Member
The master boot record is located at cylinder 0, head 0, and sector 1
Even if you do a full format and receive the message: "Non-system disk or disk error - Replace and press any key when ready", this itself is printed by the volume boot code that is read from the volume boot sector on the disk. (ie the MBR still exists)
To remove the Master Boot Record: (I have decided to be a lot clearer)
Regarding: "science fiction"
Although the excessive 7 Wipes as stated by the "government wipe" is suppose to be the most secure wipe in the world. Gererally only 3 Wipes is all that is required (at most). Or as stated earlier replace the drive, to be even more trusting of a virus or filesystem is gone.
Generally, a "Clean Install" means removing any/all partitions on the drive
I would always recommend users to run a clean install if installing Windows clean
Even if you do a full format and receive the message: "Non-system disk or disk error - Replace and press any key when ready", this itself is printed by the volume boot code that is read from the volume boot sector on the disk. (ie the MBR still exists)
To remove the Master Boot Record: (I have decided to be a lot clearer)
- DOS: Fdisk /MBR
- Win2K/XP: Fixmbr (From the Recovery Console)
- Vista/Win7: Bootrec /FixMbr (From the Recovery Environment > Command Prompt)
- Linux GRUB: grub-install or dd (From the grub interactive console)
- Linux Lilo: lilo -mbr
Regarding: "science fiction"
Although the excessive 7 Wipes as stated by the "government wipe" is suppose to be the most secure wipe in the world. Gererally only 3 Wipes is all that is required (at most). Or as stated earlier replace the drive, to be even more trusting of a virus or filesystem is gone.
Generally, a "Clean Install" means removing any/all partitions on the drive
I would always recommend users to run a clean install if installing Windows clean
kimsland
New Member
I expanded my help a bit above
As you can tell The partition is located in the same cluster segment as the MBR, its just that the MBR is at the beginning (and Partition table at the end)