graphics card, motherboard, memory security question?
It has come to my attention that certain rootkits evade detection by hiding in an HDD’s Host
Protected Area or in the Device Configuration obverlay area, both of which are generally not visible to the user. Hdparm and other tools such as the Sleuth kit (as well as some physical write blockers used by computer forensics professionals) supposedly let you disable both the HPA and the DCO, meaning that it should be possible to securely wipe all your data, including viruses, worms, trojans, rootkits, etc.
My question is as follows: is it possible for some piece of malware to infect a user’s graphics card, motherboard, memory, etc? I know that ClamWin has the ability to scan memory for malicious programs, but is there any chance some of these programs are somehow hiding in any of the non-HDD components, lingering in obscure hidden areas of one’s motherboard or graphics card or whatnot.
Tagged with: clamwin • computer forensics • device configuration • graphics card • hdd • hdparm • hidden areas • hpa • malicious programs • malware • memory • motherboard • s graphics • sleuth kit • whatnot • worms
Filed under: Data Security
Like this post? Subscribe to my RSS feed and get loads more!
You will not know until you run a good scanner for your computer.
Even scanning in safe mode, root kit viruses are not easily detectable. They hide their own files as soon as the system boots. They are on the HDD, and load when you first load the windows….
I’ve cleared some by booting a stand-alone boot CD, and running some virus scans, but it is hard to do regardless….
Viruses do not hide in video cards or motherboards. Video is RAM, and gets wiped clear when you power off, and motherboard BIOS is usually protected (non-executable without proper patch procedure)