Viruses On A Used Computer? Meltdown?

[ExplorerSergio]

Hey guys, I was wondering what the risk was buying a used computer since you never know what people are clicking on these days. If i got a computer that has malware or Spectre/Meltdown on its CPU? How would i know and then how would i get rid of it? Is it worth buying it used to save money? 

[OrionFOTL]

The first thing to do after buying a used PC is wiping its hard drive. You never even boot into the OS, so you don't need to care about viruses on it.

 

Spectre and Meltdown are processor hardware faults, and you don't need to care about those since they require targeted attack from somebody with physical access to your computer and necessary knowledge.

[fuzz0r]

To my knowledge some of the vulnerabilities have been patched so a BIOS update would probably be good.

Just format the PC when you get it, that way no viruses.

[ExplorerSergio]

15 minutes ago, OrionFOTL said:

The first thing to do after buying a used PC is wiping its hard drive. You never even boot into the OS, so you don't need to care about viruses on it.

 

Spectre and Meltdown are processor hardware faults, and you don't need to care about those since they require targeted attack from somebody with physical access to your computer and necessary knowledge.

So if i just bought a new hard drive i wouldnt have to worry about viruses that were on there before? 

[OrionFOTL]

Yes, or just use the existing hard drive after wiping it.

[fuzz0r]

3 minutes ago, ExplorerSergio said:

So if i just bought a new hard drive i wouldnt have to worry about viruses that were on there before? 

No, realistically you wouldn't.

[AngryBeaver]

2 minutes ago, ExplorerSergio said:

So if i just bought a new hard drive i wouldnt have to worry about viruses that were on there before? 

In 99.9% of cases yes. Since most malware persistence mechanisms are in your storage drives. Now there are some very rare cases where the persistence mechanism is on the motherboards actual bios, but these are very rare and can still be sorted with a destructive bios update.

 

Now let's day your machine has multiple drives. A full destructive windows install would be enough. Then once in windows you can format the other drives (or do it while installing windows if you prefer). The reason behind this is if you wipe windows you break the persistence the malware established and the only way for it to restablish itself is by you running it again.

[aDoomGuy]

I would wipe all hard drives before I boot if I was worried and then do a full system scan. I would also use common sense when buying the used PC and perhaps not buying it online from some called PrOnlife247 or similar.  

[ExplorerSergio]

33 minutes ago, AngryBeaver said:

In 99.9% of cases yes. Since most malware persistence mechanisms are in your storage drives. Now there are some very rare cases where the persistence mechanism is on the motherboards actual bios, but these are very rare and can still be sorted with a destructive bios update.

 

Now let's day your machine has multiple drives. A full destructive windows install would be enough. Then once in windows you can format the other drives (or do it while installing windows if you prefer). The reason behind this is if you wipe windows you break the persistence the malware established and the only way for it to restablish itself is by you running it again.

And I could use an Antivirus software to see in that 0.01% cases if it is on the motherboard? 

[AngryBeaver]

On 4/29/2020 at 9:19 AM, ExplorerSergio said:

And I could use an Antivirus software to see in that 0.01% cases if it is on the motherboard? 

The bios attack i am talking about is VERY targeted. It has to first be a motherboard that is susceptible to the attack, it then has to be directly targeted at the exact motherboard you have.. so in most cases if they already have enough information about your machine to pull this off... then you have much bigger issues.

 

These mostly target pre-built corporate machines that all use the same motherboard.

 

So you are free and clear from this one.