zero-fill HD
 

i have a laptop runing windows XP and has a TON of viruses and CAN NOT get rid of them! and the HD-is locked (by ahacker most likely)
we did EVERYTHING we could, the only option left is to zero-fill the HD. can some one please tell me how?:confused:

In a live-cd environment,
(replace sda with your drive).

P.S., most likely, just reformatting your hard drive will be sufficient. Zeroing it is usually done to inhibit forensic analysis (which is done after filling it with random bytes a few times).

Why is zero filling the hard disk the only option left? Although this is not a windows forum you haven't told us what errors you you were getting, what steps you took or why you are convinced a hacker locked your hard drive. It may be that there are many things you can do before trying to wipe the whole drive.

Be VERY CAREFUL that you select the correct drive for the following or you may wipe out data that you did not mean to. If you're convinced this is the only way, you could use DBAN or any bootable tools disk (for example SystemRescueCd) and run dd if=/dev/zero of=/dev/hda bs=1M (change /dev/dha to your hard disk).

Download the ISO for any live Linux CD. I like to use the System Rescue CD for things like this because it boots quickly and it has a lot of tools.

http://www.sysresccd.org/Main_Page

If you have trouble booting it you can give it boot parameters to ignore ACPI and APIC.
Then you can overwrite the hard disk. This could take a long time, like 12 hours or more. Any of the following commands, by itself, will do the trick. The first example command, shred, will take the longest because it will overwrite the disk 25 times. The second example and the third will only overwrite the disk once. The second example takes longer than the third because you are using the true random number generator while the third example uses the pseudo random number generator.

Note that you will be overwriting the badblocks file on the disk. It would be a good idea when you format the disk to use the long method that checks for bad blocks. This is available in Windows Disk Manager and in the Linux mkfs command.

ok i unlocked the HD (a freind told me how), but when i type

Format C:

it says "Format cannot run bcause the volume is in use by another process. Format may run if this volume is dismounted first.
ALL OPENED HANDLES TO THIS VOLUME WOULD THEN BE INVALID.
Would you like to force a dismount on this volume? <y/n>"

(when i tried "Y" it gave me a message and didn't work. it gave me the SAME message for "N") it says

"Cannot lock the drive. The volume is still in use."

what does it mean? and how do i fix it?:scratch:

No operating system will format the volume it is using to run.

darn. i only have 1 volume though...

Not only will this take longer, but you will empty out the entropy pool very quickly unless your system has a hardware RNG device.

Considering that this is a Windows security issue, and not a GNU/Linux one, I'm moving this to General. BTW, I really do think that the easiest way for you to zero-fill your drive is probably to boot a DBAN CD and select the Quick Erase option. Make sure you backup any important documents/data on any of the drives connected to the box before doing so, of course.

Not unless you use the fast urandom alternative frandom, which I posted about earlier. See for instance linkage in: http://www.linuxquestions.org/questi...42#post3123542.

you are supposed to boot off a cd to format your harddrive

A "silly" question: what's the point in wiping out entire harddrive with zeros (or random data)? Erasing partition table and MBR (i.e. first sectors) should be pretty enough to "kill" all data on harddrive. After that harddrive will look like unformatted, so it'll be possible to install new OS from scratch.

Here it is about sanitation, as in making certain versus "I thought".


Have disk, erase MBR and PT, run file carver?


Exactly. Saying "will look like" does not equal to making certain.

You're right--try here:
http://windowsquestions.org

;)

Hmm, I got there and had a feeling of deja vu followed by happiness...