Posted 07 April 2012 - 08:53 AM
Several of my computers have been temporarily in the hands of someone I don't trust, who has a fair amount of potential resources at their disposal. I want to be certain that no malware of any sort remains on these machines.
Wiping the hard drives and re-installing the OS is no problem. However, these days it is theoretically possible for a rootkit to infect the BIOS and survive a HD wipe.
My question is: how can I be certain that the BIOS is clean?
Does removing the motherboard battery reset the BIOS to its factory condition or is it possible for some firmware/malicious code to survive that?
Does resetting the BIOS using motherboard jumpers reset the BIOS to its factory condition or is it possible for some firmware/malicious code to survive that?
I'm aware of more extreme options like replacing the motherboard or BIOS chip entirely. I would like to know whether it is possible to be certain of a clean BIOS without resorting to such options. If it is not possible to be 100% certain without using those options, then that would be useful to know, and I'll consider what best to do.
Advice appreciated, but please only reply if you know enough about how a BIOS works to be fairly sure of your answer; guesswork (even educated guesswork) is not helpful.
Thanks very much!