A few years back, a family member's computer got hit by a Trojan (specifically Trojan:Win32/Redline.GMI!MTB), which I suspect is a RedLine Stealer. The computer has been untouched since then, and I'm considering swapping out the infected hard drive for a fresh, clean one instead of just tossing the whole machine. I feel like this would be a good way to salvage the computer, but I'm worried about any lurking issues, like potential BIOS or UEFI infections. What do people think about this approach? Is there anything I should be cautious about?
2 Answers
You probably won’t need to dump the infected drive just because of that Trojan. It's typically not persistent, so a clean Windows install should do the trick. Just make sure to delete all partitions on the drive during the setup process, and you should be fine!
BIOS or UEFI infections are super rare since access to those areas is specific to each manufacturer. Swapping in a new hard drive is definitely the safest bet. If you're feeling adventurous, you could also wipe the old drive using your motherboard's secure erase feature or boot into a live USB with something like GParted to wipe it clean. Just make sure to have all your data backed up, just in case!

Good point! It's always best to back up before doing any major changes. Better safe than sorry!