Zombie Virus?

[lxskllr]

I've seen people recommend Dbanning a drive after a virus infection, and I was wondering if that were really necessary. What about a format, or even a quick format? Can a virus resurrect itself when there's no official reference to it?

 

[mechBgon]

You may have noticed that if you run WinXP Setup, you can delete the partitions, make new ones, format or quick-format them, and still have your final boot-up process interrupted by a "which WinXP should I boot?" screen if you don't quit Setup and start it over. DBAN eliminates the MBR, which can be infected. I believe there's malware that's even more advanced than that nowdays. DBAN isn't quick or elegant, but when you want to be sure... :evil: yeah.

I agree, in the conventional sense, I could quick-format my E: drive that contains several GB of malware samples, install Windows on it, no worries.

 

[lxskllr]

Thanks mech. Informative as usual :^)

 

[gsellis]

Define virus... Much of today's Malware ignores the original vectors such as the MBR, partition hiding, bootable media, etc. that old school viruses did. Rootkits tend to fall victim to partition wipes and rebuilds from bootable read-only media (except the one linked above). But then a reinfection can easily occur because of a nearby infected machine and old CD media (XP with no SP for example - worms....).

Old School? Read the One Half description http://www.f-secure.com/v-descs/one_half.shtml
My favorite one for how vicious it was.