Cleaning a computer - any other views here?

That is straight-forward advice ....... but I wonder how many (even
'professionals') follow it!

Are you just as confident that ........ I'll call them 'gremlins'
.......... cannot remain within a computer if the hard drive is wiped as
you describe (or even replaced with a new one)?

What about gremlins hiding in, say, a RAM stick or somewhere on the
motherboard? There again, how could you possibly know the answer?!!

 

The problem is that the bad guys could have installed mallware on D: which
will allow them easy access later.

Exactly how would they hide on the motherboard?
If you had your ram stick plugged in at any time after the infection then
yes, it should also be wiped.

 

I'm pleased that you agree!

No idea if that is possible! Just asking

How, please, does one 'wipe' a RAM stick?


Thanks for responding btw!

 

For this, just erase all files, including all hidden files.

 

Hi "Unruh"

I think we are at cross purposes - no doubt due to me being less than
clear. I'm sorry for any confusion.

Please take a look here
http://ask-leo.com/can_i_use_a_usb_ram_stick_to_increase_system_memory.html
That item refers to what I now think *you* were referring . Correct?

*I* was referring to 'system' RAM viz:
http://lifehacker.com/software/feature/hack-attack-how-to-install-ram-138665.php

I know that all memory on system RAM is *supposed* to die without
power - when you study the construction, though, it seems quite feasible
to me (a layman) that such an item *could* be configured to retain
'gremlins', so to speak!

I have been led to believe that the BIOS on a motherboad can be
attacked/infected but I have no knowledge of how one may check and/or
'clean' same.

 

I appreciate this information, Tim. Thank you for taking the time and
trouble to post.

In another group, Shenan Stanley MVP said .........

"If the 'gremlin' was in the BIOS - the only writable media I know about
that could act in the way you are implying internal to the machine with
your "somewhere on the motherboard" comment - you've been more than
infested with malware."

Even whilst wearing my tinfoil helmet, my last PC was, I'm certain,
deliberately attacked - so there!

 

In my shop we wipe, delete all partitions, etc... I've yet to see
ANYTHING make it past that - booting from clean media and then wiping
the drive has always worked. Been doing this since the late 70's, never
seen a wiped machine retain malware after a full wipe.

Well, since I've not seen, actually myself, any malware that inserts
itself into the BIOS NVRAM/EEPROM, nor into the same for a Video Card,
and since I would NEVER keep any devices (USB memory) connected during
the cleaning phase, it's not an issue. How could I know the answer? I
use to actually design motherboards, the actual boards from the chip
level, and in the old days I actually developed several chips (analog
switches), so I know a little bit about computers.

 

It is completely erased every time the computer is switched off.

No. Could someone develope a piece of ram that retained its memory despite
power removal? possibly-- but exactly why would you buy it, especially
since it is vastly slower than real ram.

Buy a new computer. Anyway, the chances of anyone subv erting the bios and
leaving the machine bootable is almost nill. Would it be possible?
Yes.
It is also possible that President Obama spends four hours each day
personally going over the transcripts of all the conversations you have had that day
Yes, it is possible.

 

I'm still considering how best to answer you, Tim!

 

Thanks for posting, Leythos.

I do not doubt your skill and experience. I'm simply a user who still
has much to learn. Thank you for helping me!

A silly question. You said "never seen a wiped machine retain malware
after a full wipe." If a gremlin was *really* clever (and hid from view)
just HOW would you know it was there? Perhaps one just has to assume
that it's not ............ !

 

Because I have faith in the tools I use to wipe a drive at the lowest
level and the tools that I use to detect malware (detect to a point).

While I can't be 100.0% sure the machine is clean, I can be sure enough
to warrant providing a signed certificate stating it's clean and my
attorney and insurance provider have never found a problem with it or
asked me to stop.

 

Hello again, Tim

It's not always easy to communicate in this medium and I thank you for
your understanding. Perhaps it was me who didn't explain clearly!

Others seem to think likewise. I'll agree.

Ah - difficult for me to explain, being a non-techie! Let's sufice to
say that I have 'picked up' from who-knows-where the idea that just a
"little bit of code" could remain within a machine even after normal
cleaning. Next time the box is connected to the Internet I have gathered
that additional "code" can in some way be added to that previously left
behind and then relevant malware resurrect itself.

You are, I'm sure, aware that some modern malware can (and does) lay
hidden - but active - within a machine, yet without the knowledge of the
user.

The more-or-less sole purpose of malware nowadays is to steal money or
sell 'sake-oil' products. I was bitten for £245 and didn't like that. I
especially didn't like being threatened by email messages when I
eventually had my funds reinstated by PayPal. That is when I involved
the police and subsequently discussed matters with the (then) "National
High-Tech Computer Crime Unit". They were good - but understaffed and
far too busy! Now it's http://www.soca.gov.uk/

You make your point well, Tim. Perhaps, as this is a special day for me,
it is time to let things go.

I'll try.

 

Ooops!

In my long reply I apologise for my typo - I meant "snake-oil"!

Sorry.

 

Off-the-wall humour - *just* like my boy! ))

Manchester has much to answer for!

Nick had his car stolen there. The police found it - intact. But, by the
time Nick got to it, someone had trashed it and set it on fire! C'est la
vie! Back to the bank of mum and dad!

 

If you would like a tincture, explore ....... motzarella.newusers -
Pictures in groups?

Thanks for your email message btw!

 

FWIW - I'd trust YOU to clean *my* machine if you were close by! ))

Thanks for your helpful comments, Leythos.

 

Thanks, but I don't "Clean" machines for people I like, I wipe and
reinstall them.

There are a number of people in this group that I would trust as much as
I trust myself with networks. Not to offend anyone by omission, but
David Lipman as well as Stuart and Dustin, are people I would actually
trust to work on my systems and network.

There is one person that goes by many nyms that I would never allow to
have access to my trusted networks, but I won't mention his name.

 

Wipe and reinstall sounds good to me, Leythos!

When you say Dustin I'm going to assume you mean Dustin Cook of
BugHunter and Malwarebytes fame.

The un-named I assume is the one that refers to you as The Stalker.

Stuart though ............ that rings no bell. Further clarification
please! Many thanks.

 

Sorry, not additional details possible.