Dakusan's Domain Forum

General Category => General Discussion => Topic started by: cmedia on January 19, 2015, 08:02:31 pm

Title: bios level keylogger and/or virus...
Post by: cmedia on January 19, 2015, 08:02:31 pm

Hi, searching info about possible bios and mbr malware, spyware,keylogger i reach your blog about your test http://www.castledragmire.com/Posts/BIOS_Level_Key_Logger

i wanted  to ask you, if i delete the mbr with fdisk /mbr i fix any malware who infected the mbr?

Title: Re: bios level keylogger and/or virus...
Post by: Dakusan on January 20, 2015, 02:05:24 pm

You would be fixing that specific point in the security chain on that one hard drive, yes. But do note that something as low level as an mbr has super high access, and could even prevent/fake the mbr from being fixed again (if it is what was used to boot). Not saying this is likely, I am just not making any guarantees :-) . Make sure you boot from something else to fix it if you are worried about a corrupted MBR.

Title: Re: bios level keylogger and/or virus...
Post by: cmedia on January 20, 2015, 07:30:26 pm

yes i booted with superfidk iso from cdrom...  ;)

thank for help