My father allowed a stranger to install software on his computer. (This was done remotely following a phone call.) I am assuming the worst: malware, rootkit, whatever. On our advice he already changed all his financial account numbers and disconnected the computer from the internet, but I intend to clean his computer.
I'm not even going to bother trying to clean the hard drive--I'm buying a new one, and then doing a clean install of Windows XP on the fresh drive.
I thought that would take care of everything... except that I recently heard about BIOS rootkits.
Is there a chance that his computer would have a BIOS rootkit?
Is there an effective way to scan the BIOS before I replace the hard drive? There isn't much point in putting a fresh hard drive together with an infected mobo, right?
If there is a BIOS rootkit, how can I get rid of it?
His computer is a Gateway 3250S.