Is it possible for malware to survive a format and reload?

Status
Not open for further replies.

Eric642

Jun 18, 2014
Could malware survive a format and reload done in this way?

- Unplugged internet.
- Turned off PC for over 24 hours at the power supply.
- Took out the CMOS battery for a while.
- Held down the power button for 15 secs with the CMOS battery out.
- Used Diskpart 'Clean All'
- Re-installed Windows 8.1 from the original DVD

Info:
Disk has GPT partition style
Z97 extreme4 motherboard

Thanks
 

Skylyne

Sep 7, 2014

Yes, and no. It depends on what was infected, how, and who designed it. For the most common viruses, you'd be pretty accurate. On the flip side, one could write a virus for a USB flash drive that infects the microcontroller, and the owner of the USB drive would have to throw away the USB drive to avoid infecting their computer... consumers have no way of reflashing the microcontroller, so that's the only option.

OP- For the most basic, and most common, infections, reformatting the computer is plenty. If you run an SSD, and think the microcontroller has been compromised, then I'm not entirely sure if you can defeat that virus (would depend on how it's written, and what options you have available for repairing the SSD).
 

Eric642

Jun 18, 2014
Thanks for your replies, and the helpful information.

I have heard of "RAM resident" malware, would the above format get rid of that also?

I have no SSD or USB flash drive.

Apologies, I should have given more system information when asking if the format would get rid of any malware.

ASRock extreme4
i5 4670k
1 HDD
32GB Kingston RAM
DVD-ROM drive
No overclock, no graphics card, no other cards.

Many Thanks
 

Skylyne

Sep 7, 2014

That kind of malware seems to be most prevalent in high stakes company computers, like for financial institutions, government, and so on. While there have been reported uses of memory resident malware for botnet attacks, and maybe some other uses, finding it is much more tricky than most other things. Honestly, I'm surprised keeping your RAM hot after a shutdown isn't enough to wipe them, as RAM tends to lose its data relatively quickly (within 10 minutes) after you shut down the computer. The techniques used may be more sophisticated, leaving the malware in place, but I'm not too informed on exactly how you could (in theory) maintain an infection on the RAM alone. Perhaps I have the understanding of the infection wrong? If it's loaded to your RAM after the system boots up, and the infection jumps to the RAM as soon as possible, then that might make more sense. If that's the case, then you might be able to "beat" the infection by simply wiping the infected hard disk, or simply replacing it.


Don't really need all that information, but it does give us an idea of what we're working with. As I previously stated, the HDDs don't appear to have a means for persistent infections; therefore, a "persistent" infection on an HDD would likely be due to a lack of properly wiping the MBR. But, that's just my take on it.
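
As an added example (not part of the thread), this Python code audits a raw disk image for what the posts above discuss: the MBR boot signature, the protective MBR and GPT headers of a GPT-style disk, and any sectors that are not all zeros. The image, the 512-byte sector size and every function name are constructed for illustration; `wipe_tables` models a wipe that clears only the partitioning areas, and `wipe_all` models zeroing every sector, as Diskpart 'Clean All' does.

```python
SECTOR = 512  # assumed logical sector size

def build_gpt_image(total_sectors=64):
    """Constructed sample disk: protective MBR, primary and backup GPT headers."""
    img = bytearray(total_sectors * SECTOR)
    img[446 + 4] = 0xEE                         # partition type: GPT protective
    img[510:512] = b"\x55\xaa"                  # MBR boot signature
    img[SECTOR:SECTOR + 8] = b"EFI PART"        # primary GPT header at LBA 1
    img[-SECTOR:-SECTOR + 8] = b"EFI PART"      # backup GPT header at last LBA
    img[20 * SECTOR] = 0x41                     # leftover data in a mid-disk sector
    return img

def audit(img):
    """Report partitioning structures and non-zero sectors left in a raw image."""
    n = len(img) // SECTOR
    zero = bytes(SECTOR)
    last = (n - 1) * SECTOR
    return {
        "mbr_signature": img[510:512] == b"\x55\xaa",
        "protective_mbr": any(img[446 + 16 * k + 4] == 0xEE for k in range(4)),
        "primary_gpt": img[SECTOR:SECTOR + 8] == b"EFI PART",
        "backup_gpt": img[last:last + 8] == b"EFI PART",
        "nonzero_sectors": [i for i in range(n)
                            if img[i * SECTOR:(i + 1) * SECTOR] != zero],
    }

def wipe_tables(img, span=2):
    """Model of a wipe that zeroes only the first and last `span` sectors."""
    out = bytearray(img)
    out[:span * SECTOR] = bytes(span * SECTOR)
    out[-span * SECTOR:] = bytes(span * SECTOR)
    return out

def wipe_all(img):
    """Model of a full wipe: every sector set to zero."""
    return bytearray(len(img))

def demo():
    """Audit the sample disk before any wipe, after each kind of wipe."""
    disk = build_gpt_image()
    return audit(disk), audit(wipe_tables(disk)), audit(wipe_all(disk))

if __name__ == "__main__":
    for label, report in zip(("original", "tables only", "all sectors"), demo()):
        print(label, report)
```

The audit covers disk sectors only; it says nothing about RAM or device firmware, which the thread treats as separate questions.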
 