hardware level virus or paranoia..

Discussion in 'malware problems & news' started by whatwoob, Sep 28, 2009.

Thread Status:
Not open for further replies.
  1. whatwoob

    whatwoob Registered Member

    Joined:
    Sep 28, 2009
    Posts:
    1
    My laptop is messed up. I've been reading about viruses that affect firmware, the bios, the cpu or chipset. I'm starting to think that my problems are related to that. That it's a hardware problem. Here's some background regarding my situation:

    About a year ago, I had a problem with my Dell laptop. My system suddenly became slow after booting into windows, using it for a while, and then returning to a live CD of linux. The slowness remained despite returning to Linux. It was like the crippling virus ( or whatever it is ) was stored somewhere else, besides the hard drive.

    I'm almost 100% sure it was not a typical case of viri or malware.

    When I bought a new laptop, I vowed to use Ubuntu exclusively, as I was sick of windows vulnerabilities. It ran fine for about a year until I decided to boot back into windows. The same thing happened to my new laptop, that happened to my Dell. The system became slow under Windows, and after rebooting back to Linux, the problem remained. So now I'm stuck with a slow system.

    I'm convinced something, somehow, messed with my hardware ( again ). Is there any way to diagnose this problem? Check the BIOS, and hardware settings or something? Any way to reset everything?

    I've read some scary things on: http://invisiblethingslab.com/ and other related security sites. Hardware level problems. Like things that affect the CPU. How do I fix this problem ( besides buying a new computer and never going into Windows )?

    Please Note: My current laptop is a HP 6730s.
     
    Last edited: Sep 28, 2009
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Whatwoob,

    Welcome to Wilders, but it's time to say goodbye to the paranoia. Really. Yea, there's lots of concepts tossed out there casually, but let's visit reality for a moment.

    Wipe the HDD clean and start anew with whatever OS works best for you. If slowness sets in yet again, break out Occam's Razor and liberally apply it to the explanations that are possible.

    Blue
     
  3. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Is it possible to reprogram hardware devices? Absolutely
    But, it depends.

    First, you must be infected via traditional methods (browser exploit, download, ip targeting) for sum1 to have access to your hardware. Probably root level access with stealth.
    They must be skillful enough to write assembly language, some of which may be specific to your model of system or device.
    They need to maintain persistence like rootkits that live in memory (routers have RAM also). A reboot doesn't rid you of this type.
    Any1 who can do this type of access/takeover is @ 1%r
    While it is not impossible, it is highly improbable.
    If it is occurring, you will need to become a reverse engineer just to discover and document it.
    Learning how to make copies of the realtek firmware from your network card and compare it to a known good firmware is not easy.

    Pinczakko has done some of this type of stuff as well as other people.
    http://www.geocities.com/mamanzip/

    If it is happening to you, you will have symptoms; all programs are buggy. Write down the symptoms you encounter.
    Don't overlook the router, it can be altered for a redirect to a hacker (MITM), or even maintain malware in the RAM of the router. Many routers are left on even when the computer is shut off and/or unplugged.

    If sum1 ever does get into your hardware/firmware, you are better off standing on your head and gargling peanut butter than continuing to use it. Unless of course you can reprogram it yourself.
    But it would have to be badly infected traditionally first.

    And in this forum you will find a few 1%rs who will set you straight about what is possible and not and the level of skill involved.

    Have fun!
    And,
    Don't give up!
     
    Last edited: Sep 28, 2009
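
The comparison step mentioned in the post above (a firmware copy checked against a known good image), sketched as an added example that is not part of the original thread. It assumes both images are already available as bytes; the function names, sample data and offsets are constructed for illustration.

```python
import hashlib

def diff_regions(dump, reference, gap=16):
    """Byte ranges (start, end) where the images differ; nearby hits are merged."""
    regions = []
    common = min(len(dump), len(reference))
    for i in range(common):
        if dump[i] != reference[i]:
            if regions and i - regions[-1][1] <= gap:
                regions[-1][1] = i + 1      # extend the current region
            else:
                regions.append([i, i + 1])  # start a new region
    if len(dump) != len(reference):
        # A size mismatch is itself a finding: report the tail as one region.
        regions.append([common, max(len(dump), len(reference))])
    return [tuple(r) for r in regions]

def unexpected_regions(regions, per_device):
    """Drop regions that lie wholly inside fields known to vary per device."""
    return [(s, e) for s, e in regions
            if not any(ps <= s and e <= pe for ps, pe in per_device)]

def compare_firmware(dump, reference, per_device=()):
    regions = diff_regions(dump, reference)
    return {
        "dump_sha256": hashlib.sha256(dump).hexdigest(),
        "reference_sha256": hashlib.sha256(reference).hexdigest(),
        "regions": regions,
        "unexpected": unexpected_regions(regions, per_device),
    }

# Constructed sample data: a 256-byte "reference" image and a "dump" that
# differs in a 6-byte per-device field (offset 0, e.g. a MAC address) and
# in 4 bytes at offset 0x80. Offsets are hypothetical, not a real layout.
REFERENCE = bytes(range(256))
DUMP = bytearray(REFERENCE)
DUMP[0:6] = b"\xaa\xbb\xcc\xdd\xee\xf0"
DUMP[0x80:0x84] = b"\x00\x00\x00\x00"
DUMP = bytes(DUMP)

if __name__ == "__main__":
    report = compare_firmware(DUMP, REFERENCE, per_device=[(0, 6)])
    for key, value in report.items():
        print(key, value)
```

A hash mismatch alone does not separate tampering from per-device data such as a MAC address, which is why the differing offsets are reported and known per-device fields are filtered out.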
  4. trismegistos

    trismegistos Registered Member

    Joined:
    Jan 29, 2009
    Posts:
    365
    I didn't have exactly the same problem as yours, but I suffered the same paranoia when something went wrong with my newly bought netbook. Initially I had thoughts of having only a simple hardware problem, specifically with the 'keyboard', to account for the sluggishness in the boot-ups with the occasional flaring or flooding of 'help' or F1 pop-ups.

    Obviously reading some 'fud' posts here at Wilders gave me another perspective: a paranoia that, perhaps, the system had a super uber stealthy malware rootkit residing perhaps in BIOS or MBR that will persist even with secure wiping, which will reside in RAM and hook before any antimalware will be able to detect.

    A few weeks had passed, after countless scanning, reformatting, and restoring, same problems persisted that I had lost realistic perspective that this was simply a hardware or keyboard problem. Until I said enough is enough of this paranoia and sent this netbook to the hardware experts. And true enough, a new keyboard solved the problems.

    If you are not a whistleblower or don't have something that Big Brother is very interested in, you have to put to rest some of your fears and send your laptop immediately for hardware repairs if you have done already what our forum admin suggested or what Searching_ _ _ suggested about router settings and those didn't solve your problems.

    Btw, a single zero wipe of your hard disk is enough to remove that stealth MBR malware if you have any. Or a simple jumper resetting or clearing of the CMOS will remove any ultra rare theoretical and fantastical, not seen in the wild, BIOS malware. In short, have the hardware experts solve your problems after ruling out any MBR malware. Or if your budget warranted, a new complete hardware is in order.
     
    Last edited: Sep 28, 2009
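
Ruling out MBR changes, as the post above suggests, comes down to inspecting the 512-byte boot sector and comparing it with a baseline. The following is an added example, not part of the original thread; the function names are hypothetical and the sample sector is constructed.

```python
import hashlib
import struct

def inspect_mbr(sector):
    """Parse one 512-byte MBR sector into fields worth comparing over time."""
    if len(sector) != 512:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[446 + 16 * i: 462 + 16 * i]
        ptype = entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"active": entry[0] == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": count})
    return {
        # Hash only bytes 0-439: bytes 440-443 hold the per-disk signature
        # written by Windows, which differs between otherwise identical disks.
        "boot_code_sha256": hashlib.sha256(sector[:440]).hexdigest(),
        "boot_code_zeroed": sector[:440] == bytes(440),
        "signature_ok": sector[510:512] == b"\x55\xaa",
        "partitions": partitions,
    }

def boot_code_changed(sector, baseline_sha256):
    """True when the boot code no longer matches the recorded baseline hash."""
    return inspect_mbr(sector)["boot_code_sha256"] != baseline_sha256

def build_sample_mbr(boot_byte):
    """Constructed sample sector: filler boot code plus one type-0x07 entry."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3,
                        2048, 204800)
    return (bytes([boot_byte]) * 440 + b"\x12\x34\x56\x78" + b"\x00\x00"
            + entry + bytes(48) + b"\x55\xaa")

if __name__ == "__main__":
    baseline = inspect_mbr(build_sample_mbr(0x90))["boot_code_sha256"]
    print("changed:", boot_code_changed(build_sample_mbr(0xCC), baseline))
    print("after zero wipe:", inspect_mbr(bytes(512)))
```

On a real machine the sector would be the first 512 bytes of the disk device read from a live CD with root privileges, and the baseline hash has to be recorded while the system is known to be clean.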