cleaning a SATA drive
Soccer Dad
question is a SATA.
We had a SATA installed on a computer that may have been infected with
a virus, and in order to use it again, we need wipe the drive clean.
Do WD drives come with diagnostic programs that will do a low level
format? Once the drive is formatted, how can we install an OS?
Grant
IN Linux do
dd if=/dev/zero bs=1M of=/dev/sdX
you can use any of the linux live-CD distros. Writing zeroes to the
entire surface clears the HDD and is the modern equivalent to a low
level format.
Grant.
--
http://bugsplatter.id.au
Arno
You cannot low-level format modern disks. What you do instead
is a complete overwrite with zeros.
Get a Knoppix 5.1.1 CD, boot from it and go to the console (Alt-F1).
Then use 'dd_rescue' to overwrite the drive:
dd_rescue -w /dev/zero /dev/sda
If your drive is not sda, replace by the device name of the
drive. To list all drives and partitions use
fdisk -l
'dd_rescue' is better than 'dd', because it is a forensics and
recovery tool. It guives a nice progess indicator and it
will overwrite (or read) disks with errors.
For the OS installation, you need an installation medium.
For Linux/Windows/FreeBSD/... this is typically a bootable
CD or DVD. Boot from it after having zeroed the disk and
follow the instructions.
Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: ar...@wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
John Dulak
Soccer Dad:
Try "Copy-Wipe". A good utility to have in any case.
http://www.terabyteunlimited.com/copywipe.php
HTH & GL
John
--
\\\||///
------------------o000----(o)(o)----000o----------------
----------------------------()--------------------------
'' Madness takes its toll - Please have exact change. ''
John Dulak - 40.4913�N,79.904�W - http://tinyurl.com/2qs6o6
Rod Speed
> I suppose this could be a general post about
> any HD, but the drive in question is a SATA.
> We had a SATA installed on a computer that may have been infected
> with a virus, and in order to use it again, we need wipe the drive clean.
> Do WD drives come with diagnostic programs that will do a low level format?
You cant do a low level format on modern drives.
Its trivial to do an OS level format.
> Once the drive is formatted, how can we install an OS?
Depends on the OS. XP and Vista and Windows 7 will all
do a format of the physical drive when you boot from the
distribution CD, in the very first phase of a clean install.
Its similar with Win9x and Linux although a little more manual.
David Lesher
>We had a SATA installed on a computer that may have been infected with
>a virus, and in order to use it again, we need wipe the drive clean.
You want DBAN, Dan's burn & nuke.....
--
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433
Harry331
Wiping is easy. But re-install the OS (assume XP) may be difficult,
if you do not have the correct drivers.
Also, XP may not have the correct driver for your SATA HDD.
Here is what I would do.
1. Run Driver Magician to extract the drivers on the existing
OS. Save the drivers to somewhere.
2. If you don't trust the drivers from an infected OS,
fetch copies of drivers from the manufacturer web sites.
3. slipstream XP CD with the SATA HDD driver, using nLite.
Boot test your XP CD as to confirm it can see your SATA HDD.
4. wipe the HDD. Many people have had good suggestions already.
I prefer using Partition Magic, or Acronis Disk Director.
5. Boot up XP slipstream CD that can recognize your SATA HDD.
And install XP to the HDD.
Rod Speed
> Soccer Dad wrote
>> I suppose this could be a general post about
>> any HD, but the drive in question is a SATA.
>> We had a SATA installed on a computer that may have been infected
>> with a virus, and in order to use it again, we need wipe the drive clean.
>> Do WD drives come with diagnostic programs that will do a low level
>> format? Once the drive is formatted, how can we install an OS?
> Wiping is easy. But re-install the OS (assume XP)
> may be difficult, if you do not have the correct drivers.
Nope.
> Also, XP may not have the correct driver for your SATA HDD.
Slipstreamed SP2 or SP3 will be fine.
> Here is what I would do.
> 1. Run Driver Magician to extract the drivers on the existing
> OS. Save the drivers to somewhere.
> 2. If you don't trust the drivers from an infected OS,
> fetch copies of drivers from the manufacturer web sites.
> 3. slipstream XP CD with the SATA HDD driver, using nLite.
Makes a lot more sense to slipsteam SP2 or SP3.
> Boot test your XP CD as to confirm it can see your SATA HDD.
He wont be able to install it if it cant, no need to test anything.
> 4. wipe the HDD. Many people have had good suggestions already.
> I prefer using Partition Magic, or Acronis Disk Director.
The XP install CD will format the partition fine.
> 5. Boot up XP slipstream CD that can recognize your SATA HDD.
> And install XP to the HDD.
Might as well use it to do the formatting.
Arno
> Soccer Dad wrote...
>>
>>I suppose this could be a general post about any HD, but the drive in
>>question is a SATA.
>>
>>We had a SATA installed on a computer that may have been infected with
>>a virus, and in order to use it again, we need wipe the drive clean.
>>
>>Do WD drives come with diagnostic programs that will do a low level
>>format? Once the drive is formatted, how can we install an OS?
> Wiping is easy. But re-install the OS (assume XP) may be difficult,
> if you do not have the correct drivers.
> Also, XP may not have the correct driver for your SATA HDD.
Actually that would be the driver for the SATA controller, the
HDD does not need a driver. Best either donwload that and burn
it to CD before reinstallig or find the original driver CD.
If your controller runs in ATA/IDE mode (typically a BIOS setting),
you can do without the driver for the initial install and
add it later (for performance reasons).
> Here is what I would do.
> 1. Run Driver Magician to extract the drivers on the existing
> OS. Save the drivers to somewhere.
Hm. Risky with an infected PC.
> 2. If you don't trust the drivers from an infected OS,
> fetch copies of drivers from the manufacturer web sites.
Do that.
> 3. slipstream XP CD with the SATA HDD driver, using nLite.
> Boot test your XP CD as to confirm it can see your SATA HDD.
Alternatively, just burn the driver files (unpacked) to CD and
insert the CD when asked for 3rd party drivers.
> 4. wipe the HDD. Many people have had good suggestions already.
> I prefer using Partition Magic, or Acronis Disk Director.
> 5. Boot up XP slipstream CD that can recognize your SATA HDD.
> And install XP to the HDD.
There is a second driver you will want to have ready, namely
the network card driver. If you have HDD and network, you can
get everything else later from the net. Without one or the other,
you need a separate PC or are stuck.
Of course, with a modern Linux distribution, none of this driver
juggeling is necessary. With Windows 7 it should not be either,
but OS integrated driver support is still significantly behind.
Yousuf Khan
> I suppose this could be a general post about any HD, but the drive in
> question is a SATA.
>
> We had a SATA installed on a computer that may have been infected with
> a virus, and in order to use it again, we need wipe the drive clean.
As others have pointed out, if you want to totally remove all traces of
data on the drive, then any number of methods and utilities will be able
to write zeros to your drive to wipe it out. However, for a virus
infection that's not necessary, a simple repartitioning and reformat is
enough. You'd have to boot into your original Windows install CDs and
reinstall the OS, and that should be enough.
Viruses cannot survive past a high-level reformat, let alone a full disk
repartitioning.
> Do WD drives come with diagnostic programs that will do a low level
> format? Once the drive is formatted, how can we install an OS?
You'll need your original Windows XP (or whichever Windows) install CDs
or DVDs.
Yousuf Khan
Harry
> > 3. slipstream XP CD with the SATA HDD driver, using nLite.
> > Boot test your XP CD as to confirm it can see your SATA HDD.
>
> Alternatively, just burn the driver files (unpacked) to CD and
> insert the CD when asked for 3rd party drivers.
Correct me if I am wrong.
Isn't that XP Install CD asks only for inserting floppy with drivers?
I meant there is no U.I. for user to invert a driver CD
during XP installation. And for nowsaday's PC's with SATA HDD,
there is little chance you can find one with a floppy drive.
No to metion one with two CD/DVD drives; one for XP install
CD, and the second for driver CD.
That's the point for slipstreaming SATA controller drivers to the
XP install CD's. And yes, as you have corrected me; it is
drivers for SATA controllers, not drivers for SATA HDD.
Arno
> On Oct 29, 6:00?am, Arno <m...@privacy.net> wrote:
>> > 3. slipstream XP CD with the SATA HDD driver, using nLite.
>> > ? Boot test your XP CD as to confirm it can see your SATA HDD.
>>
>> Alternatively, just burn the driver files (unpacked) to CD and
>> insert the CD when asked for 3rd party drivers.
> Correct me if I am wrong.
> Isn't that XP Install CD asks only for inserting floppy with drivers?
> I meant there is no U.I. for user to invert a driver CD
> during XP installation. And for nowsaday's PC's with SATA HDD,
> there is little chance you can find one with a floppy drive.
> No to metion one with two CD/DVD drives; one for XP install
> CD, and the second for driver CD.
Possible. I have not installed XP for ages. I have been able to
get it through several hardware changes now.
Interestingly, there is a really stupid bug in Win 7 at this point: It
does not prompt you to re-instert the Win 7 DVD after driver
installation and gives you a cryptic hex error code instead. Just like
this part of the installer was never really tested. I ran into this
last weekend.
> That's the point for slipstreaming SATA controller drivers to the
> XP install CD's. And yes, as you have corrected me; it is
> drivers for SATA controllers, not drivers for SATA HDD.
Well, I think XP can read drivers from CD by using the
"specify location" functionality, even if it talks about
wanting a floppy disk. But I am by no means sure and I will
not go through the pain of installing it to find out ;-)
If it works, however, you will be able to swotch CDs in
one drive.
Come to think of it, with a modern BIOS, may an USB key in
superfloppy format work?
David Lesher
>As others have pointed out, if you want to totally remove all traces of
>data on the drive, then any number of methods and utilities will be able
>to write zeros to your drive to wipe it out. However, for a virus
>infection that's not necessary, a simple repartitioning and reformat is
>enough. You'd have to boot into your original Windows install CDs and
>reinstall the OS, and that should be enough.
>Viruses cannot survive past a high-level reformat, let alone a full disk
>repartitioning.
I wish this was still true. There are several virulent boot sector viruses
out there now.
Grant
>Yousuf Khan <bbb...@spammenot.yahoo.com> writes:
>
>
>>As others have pointed out, if you want to totally remove all traces of
>>data on the drive, then any number of methods and utilities will be able
>>to write zeros to your drive to wipe it out. However, for a virus
>>infection that's not necessary, a simple repartitioning and reformat is
>>enough. You'd have to boot into your original Windows install CDs and
>>reinstall the OS, and that should be enough.
>
>>Viruses cannot survive past a high-level reformat, let alone a full disk
>>repartitioning.
>
>I wish this was still true. There are several virulent boot sector viruses
>out there now.
And the Host Protected Area -- though gigabyte have broken some
installs with their silly new idea of backing up the BIOS in an
HPA.
Grant.
--
http://bugsplatter.id.au
Arno
>>As others have pointed out, if you want to totally remove all traces of
>>data on the drive, then any number of methods and utilities will be able
>>to write zeros to your drive to wipe it out. However, for a virus
>>infection that's not necessary, a simple repartitioning and reformat is
>>enough. You'd have to boot into your original Windows install CDs and
>>reinstall the OS, and that should be enough.
>>Viruses cannot survive past a high-level reformat, let alone a full disk
>>repartitioning.
> I wish this was still true. There are several virulent boot sector
> viruses out there now.
Some classics do not die, unfortunately.
Yousuf Khan
>> repartitioning.
>
> I wish this was still true. There are several virulent boot sector viruses
> out there now.
Fixmbr should take care of that also. When you install Windows and it
asks you if you want to reformat and repartition a drive completely from
scratch, that should also reset the MBR.
Yousuf Khan