|16 Jan 2010||#31|
Jav, I'm not precisely sure what you mean by a "custom install" but yes I booted of the DVD and I found a screen that said "Where would you like to install Windows7?" (or something similar) and on that screen I tried everthing: I asked it to format the partitions and nothing much seemed to happen. I deleted all partitions and recreated them again. At one point when I asked it to format a partition it paused for about 4 or 5 seconds - but clearly not long enough to do any kind of serious formatting!
What still slightly worries me is that at the time of re-creating partitions, Windows7 grabbed about 100GB for its system files (or something). Sure enough my hard disk (a 500GB Seagate - model: ST3500320NS) now says that the C: drive's capacity is only 465GB rather than 500GB. And I was slighty suspicious that Windows7 might have been lazy and that the hidden partition might not have been formatted/rebuilt.
It is probably just me being paranoid... but there again if I was a virus author (which for the record I certainly am not!) then I would certainly be exploiting any such weaknesses of Windows7.
Let me explain some basics:
There are 3 types of Format:
1. High level format (AKA quick format) (type done by Windows)
2. Mid level Format (some people refer to it as Low level) (done by 3rd party software)
3. Low level Format (done only by manufacturers, as if wrongly used my break your HD)
So, you did 1. High level format.
Quote: Originally Posted by Wikipedia
A high-level format procedure is sometimes performed on a functioning disk to erase the contents of the hard drive. This is commonly termed a "reformat". While this may not completely erase all data from the drive , it erases critical areas, such as the boot sector and partition table. This gives the appearance of an empty disk to the operating system, making any existing contents unavailable by normal methods.
Quote: Originally Posted by Wikipedia
As with regular deletion, data on a disk is not fully destroyed during a high-level format. Instead, the area on the disk containing the data is merely marked as available (in whatever file system structure the format uses), and retains the old data until it is overwritten.
2. Mid-level format. (also referred as Wipe)
It will fill sectors either with 1s or 0s...
So it will Actually erase the Data from HD.
Now coming to your question, can virus survive High level format?
hmm... You will get different answers as it's complicated subject.
In theory, yes it can..
Let's see what happens.
1. Windows will do high level format and mark whole HD as empty and available.
2. So Virus still on HD but inaccessible by normal means
3. You reinstall Windows.
4. It may erase your virus, If Windows will be installed on that sector (as when Data written on High level formatted sector it will first erase inaccessible Data on it.)
5. You install write your programms and Data, It may erase virus (According to above rule)
6. Let's suppose virus still survived.
OS (Windows) can't see or access it as it sees it as empty space.
That means OS can't execute it, so it can't do any harm by itself.
So according to some theories even if virus physically on HD it can't do anything as it's inaccessible for OS and just like ghost which will be overwritten and erased when it's sector (place) used...
7. Theory number 2.
There are some programs which can get (recover) Data from High level formatted HD.
As Data is physically there.
So theoretically Virus can be recovered aswell.
But there comes some obstacles:
Firstly, Virus can't recover itself as it can't access OS or execute.
So it should be recovered by 3rd party software:
1. If you use some special program and recover erased Data (which you will not do)
2. Special virus targeted to recovering that particular virus from High level format.
We will forget First option, as you will not do it.
As you can see it's theoretically possible to virus survive and reactivate after High level format.
But in my opinion it's far fetched theory for home-user.
1. In order to Virus recovered you should AGAIN get infected by Special virus-recoverer
2. It should be special virus so it Should know what and where from to recover
3. It's unusual to you get infected by both of those special viruses
4. This theory will probably work only on targeted attacks
5. Very uncommon for Home user getting this kind of targeted attack.
6. As far as I know, this has never has been seen on the wild.
But in theory it's possible.
If you are getting Targeted attack it will be a lot easier for virus write to target BIOS viruses. (That can't be killed even by mid-level HD formats or even low level as it targets BIOS not HD)
more info on BIOS virus:
New BIOS Virus Withstands HDD Wipes - Tom's Hardware
Still BIOS virus is uncommon aswell.
But I am not security expert but just computer enthusiast So I am may be wrong on some points.
Sure enough my hard disk (a 500GB Seagate - model: ST3500320NS) now says that the C: drive's capacity is only 465GB rather than 500GB. And I was slighty suspicious that Windows7 might have been lazy and that the hidden partition might not have been formatted/rebuilt.
You see you Manufacturer defines storage by SI prefix, according to which 1 GB=1000000000 bytes (10^9)
But most OS s including Windows difeines storage on Binary prefix which is 1 GB= 1073741824 bytes (2^30)
on simple terms:
For manufacturer: 1 KB = 1000 bytes = 10^3
For OS: 1 KiB= 1024 bytes = 2^10 (Althought it will still say KB instaled of KiB)
So according to this rule:
1 GB = 1000^3 = 1000000000 bytes
500 MB = 1GB/2 = 500000000 bytes
1 GiB = 1024^3 = 1073741824 bytes
500000000/1073741824 = 0.4656661 GB
0.4656661 GB * 1000 = 465.666 MiB
Now you see why it shows 465 MB instead of 500 MB
Hope you will understand me.
|My System Specs|
|17 Jan 2010||#34|
|My System Specs|
|17 Jan 2010||#36|
This partition holds your boot and recovery files and also used by BitLocker.
If you preparation your HD (create partitions before installing) then you will not get this partition.
If you don't want it you can delete it.
But this way:
Backup!!! As if something goes wrong you may lose everything
But if you are unsure, Don't do it! Leve it alone, it will not hurt you! Many people just left it as it is, and it's recommended leaving it unless you have to!
|My System Specs|
|18 Jan 2010||#39|
OK cool - that about wraps it up - thanks so much for your help everyone.
However one more thing before I go....
My other computer at home is a Lenovo laptop (T60) running WinXP Pro.
I am using my Lenovo laptop to run all sorts of anti-virus/anti-malware utilities across another copy of all my data. (And interestingly enough when X1 desktop search spiders my archived Outlook(2003) PST files, Avast and MSE start going nuts talking about viruses! So I have now found various viruses lurking in my PST files and I have deleted the relevant emails on both of my PCs. But installing and uninstalling a series of different anti-viral applications will no doubt do nasty things to my Registry (because un-installing applications in Windows almost *never* seems to be a clean process!)
When the time comes to format the hard disk of my Lenovo laptop,
A). Should I ALSO format the special WindowsXP partition that WindowsXP arrive in (no WindowsXP CDs came with the machine at time of purchase)? (e.g. I could do a low level format using KillDisk off a CD, presumably)
B). If I do a KillDisk and completely format the ENTIRE hard disk, what is then the best way for me to get another copy of WindowsXP? (I do have access to an OEM version of WindowsXP from the Office, but obviously it will have the wrong installation code details?? (i.e. incorrect serial number/installation code details/ "product key"/"License number" or whatever... etc).
So should I take note of the number under Control Panel > System Properties > General Tab and then phone up Microsoft (UK) after I have attempted to install the thing?
|My System Specs|
|08 May 2011||#40|
Ummmm...Yes? J/K. I found this interesting because I was in a similar situation as well. Infected, pissed (not drunk), pissed (drunk) and very paranoid. It's all very complex yet simple at the same time. I'm learning as I go, so thanks to all!! Funny how there was no reply to the original's final post (Probably obvious to the SuperDupers, but maybe not to those who are newer here than myself, yeah?).
Raise him to Corporal!! Cheers
|My System Specs|
|Thread Tools||Search this Thread|
|Similar help and support threads|
Ultra-compressed .7z files are completely inaccessible on an NAS drive
Hello, This problem has evaded all solutions offered by me and by my company's technical support. I am about to move to a new work computer. In order to facilitate this move, I wanted to move as many files onto my shared network drive that I have with the company. Before I sent them over the...
Autorun.inf Files - Completely Block
How to Completely Block and Disable Autorun.inf Files in Windows When a CD/DVD disc is inserted or a USB drive is connected to your system, Windows looks in the root directory of the new disc or drive for a file named autorun.inf. If found, Windows executes the instructions (keys) in that...
How do I completely delete all of the files in HDD (E drive)
This question relates to the previous thread I've made about how I wasn't able to delete the files: http://www.sevenforums.com/general-discussion/262268-how-delete-program-files-system-folders.html Anyway, I've managed to delete majority of files using unlocker however, it still says that I...
Completely Hidden Files Bug
Hello, i wondering why my files hidden still can be searched down there? (and it feels like indexed, cause no time spend on this search!). i have private video and music file, and play it on hidden. i always make sure that the file is hidden. after open those file, when i click on...
How to completely delete the deleted files
Hi guys, i just want to ask if there's any software that completely deleted the unwanted files. I'm asking this because i deleted some files from my drive D i used SHIFT + DEL. But when I used my restoration software and press the search button it is still there. What I want is to completely...
My PC freezes completely when installing new programs
Hi guys. 3 days ago my PC starts making more noise than normal. After that it freezes completely when installing programs and sometimes when surfing in the net. Even during Steam updates it crashes. I tought it could be an hardware failure. I have run Windows memory Diagnostic tool,...
|BSOD Help and Support|
© Designer Media Ltd
All times are GMT -5. The time now is 10:59.