Hardware replacement or wipe for sophisticated malware infection

Aaron Naser 81 Reputation points
2022-07-10T10:47:22.23+00:00

Hi.

I know already that this title sounds stupid but you must know my issue. After formatting and re-installing my OS and using multiple AV products I’ve come to a conclusion that I have a BIOS/UEFI rootkit or any complicated unheard of malware that infects firmware. It seems like it can evade detection and survive OS reinstallation. Flashing my BIOS/UEFI does not work since its peer virus on the OS will re-install itself onto my firmware again. I could just separate the components but I’m not a specialist.

I’ve had this malware for around 2 months and it has made my computer an overpriced paperweight. My computer is still very much functional, but I do not want to allow the hacker to make bitcoin out of me and steal my passwords. Keep in mind I’m still trying more advanced AV products that can scan for firmware malware. Replacing or wiping hardware is my last option.

I’m planning on taking advantage of my computer warranty so I can get it repaired or replaced. The main question that needs to be answered is what hardware components need to be wiped or replaced in order to get rid of the malware. Make sure to mention all the components possible that can have a virus in them.

Windows for business | Windows Client for IT Pros | Devices and deployment | Other
Windows for business | Windows Client for IT Pros | User experience | Other

7 answers

  1. S.Sengupta 24,871 Reputation points MVP
    2022-07-11T00:06:13.63+00:00

    Firstly, using multiple AV products makes the system slow and causes conflicts.

    I think you are indicating firmware malware.

    If that be the case then wiping your computer won't eliminate malware in firmware. After a clean install, you're replacing your operating system, but the firmware remains. The only way to get rid of a firmware virus is to reprogram or replace the chip that contains the firmware.

    1 person found this answer helpful.

  2. Dustin Bloomfield 6 Reputation points
    2022-12-17T19:38:27.79+00:00

    271692-screenshot-20221217-133512-opera.jpg

    1 person found this answer helpful.

  3. Reza-Ameri 17,341 Reputation points Volunteer Moderator
    2022-07-11T15:05:52.927+00:00

    I advise you to submit the link of the infected file and download to:
    https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site
    This site could scan and analyze it and discover other malicious components.
    In case you have any sample of files which you believe might be the cause of the infection, then submit them to:
    https://www.microsoft.com/en-us/wdsi/filesubmission


  4. S.Sengupta 24,871 Reputation points MVP
    2022-07-12T00:10:37.91+00:00

    It seems the malware is related to hardware, as wiping or formatting the OS doesn't really help you.

    It seems the system got infected with a bootkit. A bootkit is a malicious program designed to load as early as possible in the boot process. Bootkits are an advanced form of rootkit. They go even further, seeking to infect the master boot record or volume boot record, so they can act even before the loading of the machine's operating system.

    See:
    https://www.avg.com/en-ww/bootkit-remover
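
Added example, not part of the thread or any poster's code: the answer above describes bootkits that infect the master boot record, and one defender-side check is to compare the MBR's bootstrap code against a known-good baseline hash. It assumes a legacy MBR-partitioned boot disk and a 512-byte sector image taken from it; the function names and the sample sector bytes are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440        # bootstrap code; bytes 440-445 hold the disk signature
TABLE_OFFSET = 446         # four 16-byte partition entries start here
ENTRY_FMT = "<B3xB3xII"    # status, CHS (skipped), type, CHS (skipped), LBA start, count
BOOT_SIGNATURE = b"\x55\xaa"


def parse_mbr(sector):
    """Return the boot-code hash and the non-empty partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from(
            ENTRY_FMT, sector, TABLE_OFFSET + 16 * i)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"active": status == 0x80, "type": ptype,
                               "lba_start": lba, "sectors": count})
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": partitions}


def check_against_baseline(sector, baseline_sha256):
    """List deviations from a baseline recorded while the disk was trusted."""
    info = parse_mbr(sector)
    findings = []
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    active = sum(1 for p in info["partitions"] if p["active"])
    if active != 1:  # assumption: a legacy BIOS boot disk has one active partition
        findings.append(f"expected 1 active partition, found {active}")
    return findings


def build_sample_mbr(boot_code):
    """Constructed sample sector: given boot code plus one active type-0x07 partition."""
    entry = struct.pack(ENTRY_FMT, 0x80, 0x07, 2048, 1_000_000)
    return (boot_code.ljust(BOOT_CODE_LEN, b"\x00") + bytes(6)
            + entry + bytes(48) + BOOT_SIGNATURE)


if __name__ == "__main__":
    clean = build_sample_mbr(b"CONSTRUCTED-KNOWN-GOOD")
    baseline = parse_mbr(clean)["boot_code_sha256"]
    changed = build_sample_mbr(b"CONSTRUCTED-MODIFIED")
    print(check_against_baseline(clean, baseline))
    print(check_against_baseline(changed, baseline))
```

Take the sector image from trusted boot media rather than from the running system, since boot-level malware can tamper with what the installed OS reads back from disk.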


  5. Limitless Technology 39,931 Reputation points
    2022-07-13T09:23:13.253+00:00

    Hi there,

    Hardware has nothing to do with malware and a simple reset by deleting all the files will resolve the malware infections. Also, make sure you are secured after the reset.

    The Windows Malicious Software Removal Tool (MSRT) helps remove malicious software from computers.

    Remove specific prevalent malware with Windows Malicious Software Removal Tool (KB890830)

    https://support.microsoft.com/en-us/topic/remove-specific-prevalent-malware-with-windows-malicious-software-removal-tool-kb890830-ba51b71f-39cd-cdec-73eb-61979b0661e0

    How to prevent and remove viruses and other malware

    https://support.microsoft.com/en-us/topic/how-to-prevent-and-remove-viruses-and-other-malware-53dc9904-0baf-5150-6e9a-e6a8d6fa0cb5

    ----------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

