# Can a virus affect both drives in RAID 1?



## Widjaja (Mar 9, 2009)

A client had his windows startup trashed by a virus and it appeared to affect both drives.


----------



## h3llb3nd4 (Mar 9, 2009)

I suppose it depends on which disk windows is saved on...


----------



## Arrakis9 (Mar 9, 2009)

raid 1 is mirroring so, yes.


----------



## nepenthe (Mar 10, 2009)

If it didn't, it would be a crappy mirrored array.


----------



## Widjaja (Mar 10, 2009)

Bugger.
Well I wish it was a crappy mirror.
Cheers guys


----------



## BrooksyX (Mar 10, 2009)

Raid 1 = both drives having the exact same image on them. So if one drive is trashed by virus, the second drive will have the exact same problem. Raid1 cannot be selective in what it mirrors.


----------



## CheetoLover (Mar 10, 2009)

boot from the windows disk 
with vista use startrep 
also running chkdsk /f from command line is a wise move as well.

with xp boot from cd get to recovery consol
run
chkdsk /f c:
when its done run
fixboot
then run 
fixmbr
 then restart


----------



## inf3rno (Mar 10, 2009)

You gonna hit your both shoulders in RAID 1 armor.


----------



## CheetoLover (Mar 10, 2009)

Arrakis+9 said:


> raid 1 is mirroring so, yes.



hey nice avatar, that liz


----------



## btarunr (Mar 10, 2009)

The controller doesn't know what data is being mirrored. It's just moving 0s and 1s till both drives / members of the array look the same.


----------



## D007 (Mar 10, 2009)

yea +1 is your backup essentially..
but the data is mirrored.
so whatever is on one drive is on the other.
At least that's how I understand it.


----------



## Mussels (Mar 10, 2009)

D007 said:


> yea +1 is your backup essentially..
> but the data is mirrored.
> so whatever is on one drive is on the other.
> At least that's how I understand it.



and thats why i find raid 1 very limited in its use. It prevents data loss from one drive FAILING. it doesnt actually back anything up.. if one copy goes, both copies go.


----------



## Deleted member 3 (Mar 10, 2009)

Mussels said:


> and thats why i find raid 1 very limited in its use. It prevents data loss from one drive FAILING. it doesnt actually back anything up.. if one copy goes, both copies go.



That's why I've been saying "RAID is NOT a backup" for ages 

A virus not only _can_ affect both drives, it has to per definition.


----------



## ktr (Mar 10, 2009)

Raid is redundancy to physical failures (mechanical failures). But it provides no logical redundancy (software failures). 

So a combination of Raid and regular backup will provide the best redundancy for both physical and logical failures.

Now having a backup means to have multiple copies of the original source. So more copies you have, better redundancy. So if ones of those backups goes bad, you can recreate it from another backup. 

I know a lot of people thinks that having data on an external hard drive is considered a backup, but actually...that is the original source, thus not a backup.


----------



## nepenthe (Mar 10, 2009)

DanTheBanjoman said:


> That's why I've been saying "RAID is NOT a backup" for ages
> 
> A virus not only _can_ affect both drives, it has to per definition.


Well it depends what level raid you are talking about. But yes Raid1 by definition is a backup (for redundancy). It's a mirrored drive, so in the event of a hard-drive failure you can continue on as if nothing happened and retain all data. Of course any and everything exists on both drives, including any malware/spyware and viruses as well. Which is better, large amounts of data loss and possibly expensive recovery or the potential of also having to deal with a virus infection? I would go with the latter, but that's just me.


----------



## CheetoLover (Mar 12, 2009)

also here are 2 other fairly new AV's that are not only free, but opensorce.

http://moon-secure-antivirus.en.softonic.com/

http://www.clamwin.com/

moon is based on clamwin but its got some things clamwin lacks like memory resedent protection/scaner.


----------



## Lauya (Mar 18, 2009)

*it does not work*



CheetoLover said:


> boot from the windows disk
> with vista use startrep
> also running chkdsk /f from command line is a wise move as well.
> 
> ...



you know what i just tried the way above, while it does not work, i cannot reboot my pc, mgd!


----------



## FordGT90Concept (Mar 18, 2009)

Mussels said:


> and thats why i find raid 1 very limited in its use. It prevents data loss from one drive FAILING. it doesnt actually back anything up.. if one copy goes, both copies go.


It is "a" backup but not a "backup solution."  RAID (except 0) is for primary local backup.  An external drive/NAS could serve as a secondary local backup.  No backup solution is complete without off-site backup which should involve mailing *something* to someone else--the farther away the better.  It could be a disk, it could be a tape, and it could be a portable hard drive.  All of which need proper protection from the elements.

The advantage of having a complete backup solution is not only getting your data back but the closer to home the failure is, the more rapidly the recovery can be performed.  If a drive in a RAID array goes out, it takes a few hours to reconstruct it with a new drive.  If the RAID failed and you have to copy it across a NIC, it could take many hours.  If both those systems failed, you'd have to wait at least overnight for an off-site backup to make its way back to you in addition to some time to restore it.

RAID is simply the first hardware defense against data loss.

Heh, in this case, your RAID made sure the virus wasn't lost.  The good with the bad I suppose.




Lauya said:


> you know what i just tried the way above, while it does not work, i cannot reboot my pc, mgd!


What do you mean you cannot reboot your PC?  All those instructions do is repair the boot files (NTFS/MBR).  If the computer was infected, Windows may be damaged beyond recovery.  Best to get your data off the drive and do a fresh install.


----------



## denice25 (Mar 18, 2009)

yes...raid 1 is mirroring so you'll have the same problem..


----------



## Widjaja (Mar 18, 2009)

@mussels

Nice sig.

After thinking it was a virus, I reinstalled Vista x64 again in RAID 1 and switched RAID drives to install XP on the other.
After I installing XP I went back to Vista and had a boot BCD error which Vista could not repair.
One of the RAID drives was in a HDD enclosure.
After removing it and reinstalling Vista again I had no problems.


----------



## Lauya (Mar 19, 2009)

*thanks*



FordGT90Concept said:


> It is "a" backup but not a "backup solution."  RAID (except 0) is for primary local backup.  An external drive/NAS could serve as a secondary local backup.  No backup solution is complete without off-site backup which should involve mailing *something* to someone else--the farther away the better.  It could be a disk, it could be a tape, and it could be a portable hard drive.  All of which need proper protection from the elements.
> 
> The advantage of having a complete backup solution is not only getting your data back but the closer to home the failure is, the more rapidly the recovery can be performed.  If a drive in a RAID array goes out, it takes a few hours to reconstruct it with a new drive.  If the RAID failed and you have to copy it across a NIC, it could take many hours.  If both those systems failed, you'd have to wait at least overnight for an off-site backup to make its way back to you in addition to some time to restore it.
> 
> ...



hi, thanx anyway.
finally, my friend has reinstalled my os now.


----------

