Recovering data from Bios infected drives

G

Guest

Guest
In December, despite active/updated anti-virus and firewall, both my older XP pc's were infiltrated by a BIOS virus. Initially assuming it was a normal malware/virus issue I yanked them off the internet, pulled the HDDs out, shelved them and bought a new one. While attempting the OS install, the first thing I noticed was Bios changes had been made creating a previously non-existent hardware device which post kept looking to as the primary boot device. Resetting to BIOS default, removing battery, switching jumper did nothing on either machine. Pushing through the new HDD format/installation anyway resulted in a bios level change to the characteristics of the drive. Meaning it changed the unique name, the size, and type of HDD device connected to the board. It also created a third small partition that was hidden from view unless a windows disc was examining the drive OR using DOS.

The boards were old, had no bios level protection, and it was time to upgrade. So, I did. New system is running updated AVG, windows defender, and has Malwarebytes on updated Win 7 OS. New board is BIOS locked/protected and updated.

I need to recover data on the shelved drives and prevent transmission of infection. Since it maybe possible to have portions of hidden virus files residing on any drive connected to the source pc, I must assume they too are infected. This is nasty stuff. How do I minimize the possibility, what method is safest to disinfect the drives, and what product is best to use?

Thanks!
 

tigerg

Honorable
Feb 24, 2013
91
0
10,610
How do you know its a BIOS virus? You don't say anything that proves it is, and more importantly, these types of viruses are exceptionally rare and you are definitely not going to be the target of one. A BIOS virus would not do any of the things you described.

Also, don't ever run Windows XP on an internet connected computer anymore. Actually, don't use it at all unless you never plug anything into it. That's just asking for serious trouble.

If you want the data off your old hard drives, plug them into your new system, scan them, and copy the files over. If you are super concerned, don't run any executable binaries, libraries, self extracting archives, etc.