I sent a forensic image of its working memory to a leading expert on the security of the Macintosh operating system. He found unexpected daemons running on my machine, serving functions he could not ascertain. (A daemon is a background computing process, and most of them are benign, but the satanic flavor of the term seemed fitting here.) Some software exploits burrow in and make themselves very hard to remove, even if you wipe and reinstall the operating system, so I decided to abandon the laptop.
Off the top of my head, one could write a virus that modified the BIOS of a computer so that it loaded at every reboot. This would then inspect the installed operating system and download the appropriate daemon from the control website.
I'm certain that real virus writers could be much more creative.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
Depends how you do it - there are MBR viruses (and I think I've heard of GPT viruses as well) which can survive a reformat of the system partition. It's also possible to infect the BIOS / UEFI, though that's a lot harder, so they are pretty rare: BIOS Virus - Microsoft Community
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!
Yes, this is possible. The flash bios on any hardware that has a flash bios can be infected, i.e. a graphics card, the motherboard, etc. I saw this first hand back in the mid 90's when flash bios started to become a thing. The company had ordered 24k modems for all of the lab workstations to upload lab results to an offsite reporting service. Due to the nature of the flash bios on the modems, one got infected from a user running a DOS application downloaded from a BBS. It took us, seems like, forever to discover that the hardware itself was compromised and had to be removed from the workstation.
"When you are dead, you won't even know that you are dead. It's a pain only felt by others; same thing when you are stupid."
Ignorant - An individual without knowledge, but is willing to learn. Stupid - An individual without knowledge and is incapable of learning. Idiot - An individual without knowledge and allows social media to do the thinking for them.
As others pointed out already, the MBR is in the startup chain, selecting the needed (and more obviously named) bootsector on a partition of the disk. In the early nineties at least, we called this the partitionsector. In that time, people did not seem to be generally aware of this. Once I was home with a flu, I got a call from work for assistance from just such an impossibly recurring virus. I had to feel my way with debug calling int 13h but succeeded tracing the problem to the MBR and overwriting the sector with the normally formatted partition sector. Forgot all about my flu in the process.
Let me try a (speculative) answer along different lines:
1. If it's a QuickFormat, then virus data can still exist in sectors that are marked as clean of files. Of course, this virus is not active. I am just pointing out that a virus could use this to store its payload or stolen data for later use, if it was able to reactivate itself somehow.
2. Another vector would be a false format. If you format a disk (not the OS boot disk) from a computer that has malware, it could run a fake format that leaves things apparently blank, but in reality the disk is booby-trapped for the virus to reactivate itself. It would be quite tricky to pull this off, survive an OS reinstallation etc.
This has been discussed as to WHY you SHOULD ONLY USE a charging USB Cable!
The USB can be flashed from a public charging stand infected. And it is basically impossible to detect, because the virus LIES about being installed (imagine my shock!), and it adds itself on all future updates.
I remember back in my early career (DOS, pre-Windows 3.1) where we had to do manufacturer specific low-level formats to remove certain infections. Getting the utilities from the manufacturers was like pulling teeth. I spent 3 days straight at one client's office rebuilding ALL of their computers, then another full day scanning all of their floppies. Virus coders have become even craftier since then. Nowadays, you can infect so many different parts of a computer to survive formatting. Just about every component has its own flash-able memory that can be infected.
Money makes the world go round ... but documentation moves the money.
If the firmware of your ethernet network adapter or WLAN adapter gets infected your machine is lost.
An attacker can send you secret data packets over the network and gain direct access to your RAM.
Your machine could also be disconnected temporarily or permanently from the internet ('internet kill switch').
Have a look at this article - the Intel management engine (IME) is basically a very small computer running inside your PC that has pretty much unrestricted access to every part of your PC and is completely unmonitored by your human facing operating system. The IME is so low-level that it's said to operate at 'Ring -3', i.e. it has more privileged access than your main operating system in kernel mode. And it has its own space for firmware, which could hold malware that would survive a disk being reformatted (or even taking out the old disk and putting in a new one).
And of course, vulnerabilities exist inside the IME - it's running software, so it's pretty much guaranteed it has bugs, and bugs lead to vulnerabilities - and those have been demonstrated several times... The 'Ring -3 rootkit' is particularly scary - something that can monitor everything your PC does, lives outside of your ability to see it, and is very difficult to remove...
Java, Basic, who cares - it's all a bunch of tree-hugging hippy cr*p