Thread: Surviving a hard drive replacement

  1. #1
    Junior Member
    Join Date
    Apr 2006
    Posts
    17

    Surviving a hard drive replacement

    Hi, I was wondering, is there any form of virus/spyware/rootkit that can survive a hard drive replacement? I've been having some troubles with my PC, and I was going to upgrade my hard drive anyway, so I just want to know if there was a way for anything to be transferred over, because I saw on rootkit.com something about rootkits being on EEPROM and not the hard drive, and such.

    Another question, how easy is it to get a rootkit? I use Firefox with NoScript, have Windows Defender and AVG, and I don't download any weird programs. Would it still be possible to get a rootkit or something just by visiting the wrong site?

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hello kurokage,

    Yes, in theory that could happen.........however, I have been in this game for over 30 years and have never seen it or had it reported first hand.

    By your "EEPROM chip", I presume that you are talking BIOS? If you re-flashed your BIOS you would destroy it (the virus, that is).

    Modern boards generally have a redundant (spare) EEPROM chip that you can resort to as well.

    Please take a look at Fortres Grand virtual sandbox and WinSonar 2006......... not that I am paranoid or anything it is just that nothing has gotten near since using them.....and no conflicts

  3. #3
    Junior Member
    Join Date
    Apr 2006
    Posts
    17
    Thanks! Only problem is that I am computer illiterate and don't really know what you mean (sorry)

    What do you mean by reflashing BIOS?

    And what are those other two things you listed/how do I use them/what do they do?

    Sorry, I don't know that much.

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Sorry pal, I honestly didn't know......as soon as you mentioned the EEPROM chips, I assumed that you had a much higher level of knowledge. Now, that said, please do not think that I am insulting your intelligence.

    The EEPROM chips are usually soldered to the motherboard of your PC. It or they hold the basic start up information, and will work even before you load an operating system (like Windows).

    The BIOS (Basic Input/output Operating System) runs your PC before you get into Windows. It could get infected, but that would be very rare these days.

    My conclusion is that you will be OK, so just forget the issue and just go ahead.

    Let me know how you get on, and we will go into a few more of the details.....


  5. #5
    Junior Member
    Join Date
    Apr 2006
    Posts
    17
    I'm sorry, I'm paranoid/uninformed, so I don't know anything. If my BIOS WAS infected, how would I know? Would there be a way to just make sure there was nothing there? I don't know, I just want to make ABSOLUTELY SURE that there is no way when I change hard drives it doesn't transfer over.

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi, kurokage,

    Shall we start from the beginning?

    1. What is the precise nature of the problems that you are currently experiencing..........are you getting any blue screens or other error messages.....if so, what are they?

    2. What is the make/model of computer that you are using?

    3. What operating system/service pack do you have?

    OK, now let's look at the reality of the situation:

    If I "flash" (replace) your BIOS without knowing what system (motherboard) you have, there is a 99.999% chance that your PC will never work again. That is why the bad guys don't do it unless they really want to do just that damage. Try a search for the "Magistr" virus....... it did that sort of thing............written by a Russian chap in my age group

    A lot of modern systems will not permit the BIOS to be "flashed" (updated) unless you use the specific tool provided by the motherboard manufacturer.

    Furthermore, most of the decent systems I have built in the last 5 years or more have had dual EEPROM chips, so there is a backup that can only be accessed via the manufacturer's tools.

    There are two certain ways of ensuring that the BIOS is clean:

    1. Replace the motherboard.
    2. "Flash" the BIOS yourself with a known "good" version.

    However, you do not need to be an Einstein to work out that if you got infected once you will get infected again?

    For that reason alone I recommend that you find out what happened to your existing system and take precautions to stop it happening again.

    Anyway, my first move would be to save my stuff (and possibly the infection?) wipe the hard drive and reinstall the operating system.

    If that works and the problems go away then you will know that it isn't your BIOS.
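
A third, non-destructive check for the question asked in post #5, given as an added example that is not part of the original thread: read the firmware chip out to a file and compare it byte for byte with the manufacturer's image for the same board and version. The region layout, offsets and sample bytes below are constructed for illustration; a real layout comes from the board vendor.

```python
import hashlib

# Hypothetical layout for a constructed 4 KiB image (not any real board).
REGIONS = {"main_code": (0x000, 0xC00), "settings": (0xC00, 0xE00),
           "boot_block": (0xE00, 0x1000)}
VOLATILE = {"settings"}  # saved setup values legitimately differ per machine


def diff_ranges(dump: bytes, reference: bytes, gap: int = 16):
    """Return merged (start, end) byte ranges where the two images differ."""
    if len(dump) != len(reference):
        raise ValueError("image sizes differ; wrong reference image for this chip")
    ranges = []
    for off, (a, b) in enumerate(zip(dump, reference)):
        if a == b:
            continue
        if ranges and off - ranges[-1][1] <= gap:
            ranges[-1][1] = off + 1          # close to the previous range: extend it
        else:
            ranges.append([off, off + 1])    # start a new differing range
    return [tuple(r) for r in ranges]


def check_dump(dump: bytes, reference: bytes):
    """Report differing ranges that fall in regions that should be identical."""
    findings = []
    for start, end in diff_ranges(dump, reference):
        for name, (lo, hi) in REGIONS.items():
            if start < hi and end > lo and name not in VOLATILE:
                findings.append((name, max(start, lo), min(end, hi)))
    return findings


def build_samples():
    """Constructed sample data: a reference image, a clean dump, a modified dump."""
    reference = bytes((i * 7) & 0xFF for i in range(0x1000))
    clean = bytearray(reference)
    clean[0xC10:0xC14] = b"\x01\x02\x03\x04"   # only saved setup values changed
    modified = bytearray(clean)
    modified[0xE40:0xE48] = b"\xCC" * 8        # bytes changed inside the boot block
    return reference, bytes(clean), bytes(modified)


if __name__ == "__main__":
    ref, clean, modified = build_samples()
    print("reference sha256:", hashlib.sha256(ref).hexdigest())
    print("clean dump findings:", check_dump(clean, ref))
    print("modified dump findings:", check_dump(modified, ref))
```

An empty findings list means every difference sits in the settings area; any entry for code or boot-block regions is a reason to re-flash with the known-good image.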

