0

How can a virus remain in the system after formatting the whole HDD?

What are the ''types'' and how to remove them?

schroeder
  • 123,438
  • 55
  • 284
  • 319
blink
  • 1
  • This is basically the same question you've asked in autumn. As others told you then, why do you think you have malware? What you are experiencing might have a different cause than malware. – schroeder Jun 12 '22 at 13:56

1 Answers1

0

Here's an attempt to enumerate the ways a system could be infected while being reformatted:

  • The installation media itself could be infected. If you made the install disk from the infected system or downloaded it from a compromoised source, this is not unlikely
  • You failed to fully format the disk. For instance, if the EFI partition or the legacy boot sector is infected, and you only delete the OS partition
  • The hardware itself is infected; this could include the firmware in the install USB, the hard drive you are installing on, or the firmware of anything in the system
  • The OS you are installing has a remotely exploitable bug and you installed with the network connected (this was a problem with Windows XP)
  • You warm booted the system before reinstall instead of a power cycle, and the malware somehow managed to control the reboot process
  • After reinstalling the system, you repeat the action that infected it in the first place; for instance, running things from infected backup media without doing a virus scan first

There are probably other ways that were left out of this list.

user10489
  • 1,217
  • 1
  • 3
  • 13