January 21st, 2007, 12:52 AM
Surviving a hard drive replacement
Hi, I was wondering, is there any form of virus/spyware/rootkit that can survive a hard drive replacement? I've been having some troubles with my PC, and I was going to upgrade my hard drive anyway, so I just want to know if there was a way for anything to be transferred over, because I saw on rootkit.com something about rootkits being on EEPROM and not the hard drive, and such.
Another question: how easy is it to get a rootkit? I use Firefox with NoScript, have Windows Defender and AVG, and I don't download any weird programs. Would it still be possible to get a rootkit or something just by visiting the wrong site?
January 21st, 2007, 01:25 AM
January 21st, 2007, 01:30 AM
Thanks! Only problem is that I am computer illiterate and don't really know what you mean (sorry).
What do you mean by reflashing BIOS?
And what are those other two things you listed/how do I use them/what do they do?
Sorry, I don't know that much.
January 21st, 2007, 02:00 AM
Sorry pal, I honestly didn't know......as soon as you mentioned the EEPROM chips, I assumed that you had a much higher level of knowledge. Now, that said, please do not think that I am insulting your intelligence.
The EEPROM chips are usually soldered to the motherboard of your PC. It or they hold the basic start up information, and will work even before you load an operating system (like Windows).
The BIOS (Basic Input/output Operating System) runs your PC before you get into Windows. It could get infected, but that would be very rare these days.
My conclusion is that you will be OK, so just forget the issue and just go ahead.
Let me know how you get on, and we will go into a few more of the details.....
January 21st, 2007, 05:14 AM
I'm sorry, I'm paranoid/uninformed, so I don't know anything. If my BIOS WAS infected, how would I know? Would there be a way to just make sure there was nothing there? I don't know, I just want to make ABSOLUTELY SURE that there is no way when I change hard drives it doesn't transfer over.
January 21st, 2007, 10:32 AM
Shall we start from the beginning?
1. What is the precise nature of the problems that you are currently experiencing..........are you getting any blue screens or other error messages.....if so, what are they?
2. What is the make/model of computer that you are using?
3. What operating system/service pack do you have?
OK, now let's look at the reality of the situation:
If I "flash" (replace) your BIOS without knowing what system (motherboard) you have, there is a 99.999% chance that your PC will never work again. That is why the bad guys don't do it unless they really want to do just that damage. Try a search for the "Magistr" virus... it did that sort of thing... written by a Russian chap in my age group.
A lot of modern systems will not permit the BIOS to be "flashed" (updated) unless you use the specific tool provided by the motherboard manufacturer.
Furthermore, most of the decent systems I have built in the last 5 years or more have had dual EEPROM chips, so there is a backup that can only be accessed via the manufacturer's tools.
There are two certain ways of ensuring that the BIOS is clean:
1. Replace the motherboard.
2. "Flash" the BIOS yourself with a known "good" version.
However, you do not need to be an Einstein to work out that if you got infected once you will get infected again?
For that reason alone I recommend that you find out what happened to your existing system and take precautions to stop it happening again.
Anyway, my first move would be to save my stuff (and possibly the infection?), wipe the hard drive and reinstall the operating system.
If that works and the problems go away then you will know that it isn't your BIOS.