Virus Damaging PC Permanently

Discussion in 'Windows Desktop Systems' started by Dexter411, Jul 17, 2002.

  1. Dexter411

    Dexter411 Guest

    Hi Guys, (I'm Dexter, a newbie, so please be nice to me :) )

    I have recently been reading up about PC security when I thought something interesting (to me at least). Can viruses damage computers permanently (meaning that even after a FULL format, your PC would have problems)? Also, I have recently heard about laptop software which, when installed is stealth but, when the laptop is reported stolen, "phones home" whenever possible. I hear that this software is completely impossible to uninstall, even with a format. How is that?

    Thanks a lot. I see this is a nice community so I hope I can fit in :D .
  2. Reg

    Reg eXperienced!

    Arlington, TX
    The only type of virus that can permanently destroy your computer is a virus that reflashes your bios (motherboard, HD, CD-ROMS, etc). Most virus that reflash your bios, reflash the motherboard.

    It is possible to recover from a virus that does this. It requires loading your bios from ROM and low-level (not reformat) formatting your hard drive.

    I have never heard of laptop software that does that. If it did, I don't see how it could phone home since the laptop would not know it was stolen.
  3. Friend of Bill

    Friend of Bill What, me worry?

    Not if you got a trusty BIOS Savior on board. It's worth the 20 or 30 bucks. Just click the switch and viola...!:D
  4. Dexter411

    Dexter411 Guest


    Thanks for the information.

    About the software:

    The way it would know it was stolen would be if the user went online through ANY account. The software would phone home (like it would, even if not stolen) with a reg. number and, if reported stolen, would contact police to help trace it. I heard about it and was curious about how it would be possible to not uninstall it with a format.

  5. Reg

    Reg eXperienced!

    Arlington, TX
    Oh programs like that. Reformatting the PC would uninstall it unless it was written in what is known as a "blank" or "hidden" partition. These partitions are usually FAT16 based partitions that are not visible to FDISK tools or Windows. These paritions have a maximum size of 2GB, but most are less than 10-20MB. A stealth program can be installed on a partition like this and will run itself once your computer turns on.

    Most programs that stealth like that write themselves to the MBR instead of hidden partitions. Since the program is only sending out data, it can easily be placed into the MBR and is completely protected from reformats. The only way to remove the program is to rewrite the MBR or low-level format the HD. The easiest is to rewrite the MBR.
  6. RobbieSan

    RobbieSan Guest

  7. Narcissus

    Narcissus Guest

    About the Software

    I know there was a prog a few years ago that did something like that, i think it was called Homing Pigeon...

    Youve not bought yourself a "cheap" laptop have you :eek:
  8. dave holbon

    dave holbon Moderator

    London England
    Reg is right, however many moons ago before the advent of IDE drives; old MFM drives had an area on the platters that could not be written to by any operating system or accessed by any programme accept that supplied by the drive manufacturer. This was used to store various drive maintenance information pertaining to dodgy sectors, tracks etc. This was the original place to put a pointer to your virus in the MBR but had to be done before the operating system started loading. In effect you had to write a mini operating system first.

    Because my knowledge is so far out of date and the fact that modern IDE drives are processed by message, just like SCSI drives, and rely on on-board intellegence (another CPU), it’s become almost impossible to access drives at the level required to say for sure that a virus is not present. However stopping the virus from getting to the hardware in the first palce is not too difficult.

    The MBR (Master Boot Record)

    Quote: - (Windows XP inside-out. Microsoft Press)
    A basic disk is a physical disk that contains primary partitions, extended partitions, and logical drives. This is the same disk structure that has been used by all versions of MS-DOS, Windows 95/98/Me, and Windows NT 4. The partition table, which stores information about the number, type, and placement of partitions on the disk, is located in a 64-byte section of the Master Boot Record, the first sector on the disk. On a basic disk, you can create a maximum of four partitions, which can include one extended partition. Within an extended partition, you can create multiple logical drives, which are the familiar drive structures that appear in Windows Explorer as drive D, drive E, and so on.
    A dynamic disk is a physical disk that contains one or more dynamic volumes, which are similar to partitions on a basic disk. Dynamic disks were introduced in Windows 2000 and are incompatible with earlier Microsoft operating systems. A dynamic disk does not have an MBR; instead, it maintains information about the layout of disk volumes in a database stored on the last 1 MB of the disk. When you create partitions using Windows XP (or Windows 2000), the operating system never uses the full space; instead, it reserves 8 MB for the dynamic disk database, so that you can convert a FAT32 disk later.
    In order to circumnavigate the problems associated with MBR type formats, change you drive to “dynamic disk” configurations. These do not use “MBR” and load in in different way, allowing a much more flexable disk partitioning structure.

    Most modern stealth software can’t overcome this yet but as ever if you have 20 million dollars in cash stored on your hard drive!!, someone somewhere is going to figure out a way of stealing it, given the time and resources.
  9. w0lv3rin3

    w0lv3rin3 The Source Political User

    Barrie, ON
    Let me Clear everything Up For ALL!


    Viruses are verly deadly, if programmed by a good programmer, one virii can over heat your CPU FAST, another can turn off ur fan, one can over serg your motherboard, one could melt your mother board, one can make your CD spin so fast that it will melt into ur CD rom, but those types of virii are rare to come by, but it is possible cause these are not your common virii.

    virii can hide its self into its MBR (Master Boot Record), u can remove it by reseting your MBR. after a format its still their, and virii are able to hide into ur BIOS.

    ull be susprized on what virii can do.