Jump to content

Recommended Posts

I have been scanning and cleaning malware for the past three days. I've never been fully comfortable with using a computer that has been hit with malware because there is no sure way I'll know that it's fully 100% clean.

With that said, I figured my computer is about 3 years old, has regular hard drives (not solid state drives) and a huge case. So I told myself maybe its time to upgrade to some brand new clean SSD hard drives (faster boot up), a smaller case and a fresh Windows install.

My question is: Does anyone know for sure if malware can infect hardware like the CPU, Motherboard, RAM sticks or the video card via the BIOS or firmware on the hardware? Ideally I would like to re-use my video card, ram sticks and CPU in my new computer setup but am unsure if the hardware is un-affected by the malware I encountered recently.

Any input or links to articles would be appreciated. Thanks guys.

Link to post
Share on other sites

There has been a confirmed rootkit in the wild that can infect the BIOS of a motherboard, but flashing the BIOS will obviously remove that component of the infection. As I recall it only infects Award BIOS's.

During my cleaning process these past few days, I took the liberty to erase the motherboard bios by removing the battery for about 30 minutes and re-flashed it with the newest bios from the manufacturer (Asus). Not sure if that helped but I figured it would be one less thing to worry about being infected.

So do you think it would be safe to transfer the CPU, video card and ram to a brand new motherboard, brand new SSD and case setup? without worrying about malware infection on those hardware components?

Link to post
Share on other sites

Yep, that should be fine. In theory, infecting a component like a video card is possible, but I've heard of no cases of such infections in the wild ever. The most common form of recurring rootkit is one that infects the MBR (Master Boot Record) of a hard drive. In fact, that's what the BIOS infector I was referring to does. It's basically used as a component to get the MBR of the hard drive infected.

Link to post
Share on other sites

Yep, that should be fine. In theory, infecting a component like a video card is possible, but I've heard of no cases of such infections in the wild ever. The most common form of recurring rootkit is one that infects the MBR (Master Boot Record) of a hard drive. In fact, that's what the BIOS infector I was referring to does. It's basically used as a component to get the MBR of the hard drive infected.

Would you agree that I shouldn't attach any of my old hard drives because if they are still infected they could potentially infect my new hardware?

With that said, would you say the safest way to transfer files from my old hard drives to my new hard drives would be to burn them to data DVD's to prevent infection?

Thanks so much for your input.

Link to post
Share on other sites

I have been scanning and cleaning malware for the past three days. I've never been fully comfortable with using a computer that has been hit with malware because there is no sure way I'll know that it's fully 100% clean.

With that said, I figured my computer is about 3 years old, has regular hard drives (not solid state drives) and a huge case. So I told myself maybe its time to upgrade to some brand new clean SSD hard drives (faster boot up), a smaller case and a fresh Windows install.

My question is: Does anyone know for sure if malware can infect hardware like the CPU, Motherboard, RAM sticks or the video card via the BIOS or firmware on the hardware? Ideally I would like to re-use my video card, ram sticks and CPU in my new computer setup but am unsure if the hardware is un-affected by the malware I encountered recently.

Any input or links to articles would be appreciated. Thanks guys.

For all intents and purposes, hardware such as the video card, RAM, CPU and motherboard can not get infected. It is the software that runs/communicates with the hardware that can be infected. For the most part, hardware can NOT be infected.

It was mentioned that there is a RootKit that can compromise the system BIOS (Basic Input Output System). The BIOS is a set of low-level routines that works as middle-ware that allows any Operating System to communicate and work with the hardware of the motherboard. In the past the best that a malware could do is erase the BIOS or corrupt it. Recently, in China. a RootKit (which is a trojan and not a virus) was found to replace the the factory BIOS with a malicious BIOS. However, this is not easily accomplished as if a mistake is made it would leave the computer incapable of booting into the OS. Until last year, this was mostly a science experiment and nothing capable was seen "in the wild". As of this year we now know it is a possibility but an extremely remote possibility so one can generally discount that as a possibility.

There are basically two major classes of malware that one does have to be concerned with; viruses and trojans. The term virus is widely misused. most think all malware are viruses. Not true. The overarching concept of malicious software is "malware" for Malicious Software. All viruses are malware but not all malware are viruses. Viruses are a class of malware that is able to "self replicate" or spread on its own means and without intervention. Trojans are malware that needs assistance to be spread. The vast majority of malware seen Today are trojans.

For the most part, the malware infects the Operating System and software components such that the computer does the desired work the malicious author intended it to perform. This is the major worry. What malware is in the system, what is it trying to do and what modifications to the Operating System has been made.

In short, don't worry about the hardware. For 99.9% of malware seen in the wild, wiping the hard disk of its disk format and reinstalling the OS of choice will eliminate the malware. For the vast majority of cases of malware infection, depending on what it is and the extent of what has been done to the OS, the system can be cleaned of the malware. In some organizations they may have a policy in which there is malware, the computer must be wiped and the OS reinstalled (using an image). For the home user, most of the time, the home user will elect to clean their computer using anti malware software. There are those however that choose to wipe and reinstall the OS at the slightest hint of infection.

Would you agree that I shouldn't attach any of my old hard drives because if they are still infected they could potentially infect my new hardware?

With that said, would you say the safest way to transfer files from my old hard drives to my new hard drives would be to burn them to data DVD's to prevent infection?

Thanks so much for your input.

That would depend ONLY if it is a virus. Attaching an infected hard disk may transfer to an uninfected computer. One type of computer virus is the AutoRun Worm. If the uninfected computer has AutoPlay/AutoRun enabled and the infected hard disk has an AutoRun worm then the uninfected computer could in turn become infected. Most of the time this isn't the case. Disabling AutoRun/AutoPlay on the uninfected computer would mitigate that threat. The other case is where the infected hard disk has executable files and you execute them off the infected hard disk.

When connecting such a drive to another computer you ONLY grab/obtain data files. Not programs or executables.

In any event, the uninfected computer *MUST* have an anti virus application that is fully up-to-date on it. That will mitigate most threats where connecting an infected drive might compromise and uninfected computer.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.