Can Malwares Persist Through Reinstallations?

Discussion in 'Windows 7' started by puffyduff, Apr 12, 2018.

  1. puffyduff

    puffyduff MDL Member

    Sep 22, 2016
    123
    25
    10
    #1 puffyduff, Apr 12, 2018
    Last edited: Apr 12, 2018
    Sophisticated malware could do that. How sophisticated? I don't know, but some possibilities make sense.

    1- I remember I've read somewhere that your BIOS could get infected; that way the malware would persist through Windows installations. Do you have any idea how the BIOS could infect the OS?
    2- You have an external or internal HDD with programs/movies/songs on it. If that drive was infected, it could infect the OS. The question is: can the malware jump out without even opening an exe or movie? Just by being connected...

    I think big players like states can create such sophisticated malware. I'd imagine most governments would go to any length for consolidation of power and controlling of the masses.
     
  2. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,315
    1,040
    60
    #2 nodnar, Apr 12, 2018
    Last edited: Apr 12, 2018
  3. nodnar

    nodnar MDL Expert

    I suspect that they have got a vested interest in using UEFI; this whole story I linked seems to imply it needs a USB stick to infect the machine. That means they need to have physical access to it. But I have my doubts about that. I read a lot about malware infections, and I think I saw some story somewhere where a mere malware infection could flash an infected UEFI, I just do not remember where I saw that, maybe after the Snowden/NSA scare. All I know is that states cannot be bothered to get physical access to many machines.
    I suppose that we should be reasonably safe as long as there can be none of that. The most recent machine that had an `old-fashioned` BIOS that I ever got my claws on to fix was an i3 lappy. If I ever find one again [unlikely..] I will buy it like a shot. The Eset scanner is advertised to be able to scan UEFI, but I doubt if it can find anything. Or even fix it.
     
  4. puffyduff

    puffyduff MDL Member

    Some motherboard manufacturers have software which allows you to flash your BIOS within Windows. So it's totally possible that some malware can do the same.

    I'm also wondering if it's possible to infect the system drive by just connecting another HDD to the computer (without running any program within that HDD). I believe they could do that with autorun.inf but there could be more sophisticated methods.
     
  5. nodnar

    nodnar MDL Expert

    Thanks, saved link for further reading.. I seem to remember reading that `something` went wrong in Iranian nuclear centrals, after their systems got infected by Israel.. :g:
     