Resolved Can RAM (dimm) carry viruses?

Hello again:

From the way I understand them, the memory dimm card will not permanently retain a virus. Once the PC is powered off, whatever was in the memeory will be lost.

Is this correct?

I am asking because I would like to use the extra memeroy for the PC I am using now from the PC that is basically sitting in the garage right now. I may someday deal with that one down the road but not right now.

I just don't want to use any part from that one that may infect this one.

Thanks,

Tim

 

RAM in a powered down state cannot harbour a virus, however be aware that putting your PC to sleep or hibernate will retain any active malware when power is restored (not relevant in your case of swapping RAM sticks-education purposes only).

However, very often it is easy (and recommended) to clean any infected system. If you wish to make use of WindowsBBS's malware removal service...

Read this post, then post the requested log(s) in the Malware and Virus Removal forum.

 

It may not be possible right now but I guess somebody is sure working feverishly to make it happen. Its in future right now & I wouldn't loose much sleep over that.

 

I disagree wildfire. Its NOT easy to get rid of infection. Some infections like rootkits are very difficult to detect & get rid of.

The easiest & the best thing is try not to get infected in the first place.

 

Yes, that is correct. When RAM loses power, all bits in it return to Off ( "0" zero) . . . like a light switch.

 

My apologies for the misunderstanding, what I meant was it's easy to follow Broni's instructions.

 

I don't see that ever happening. There are too many obstacles - it would not be cost effective or practical for badguys or even for geeks seeking bragging rights.

RAM by design instantly forgets its data (decays) when voltage is removed. If it didn't, it would corrupt the incoming data on the next input cycle (rise).

To retain its data would require power - such as a tiny on-board battery.

RAM is used during the boot process, before any operating system is loaded. That means the malicious code would have to survive those many read/write cycles - some how.

 

Yup, it seems that we are on the same page there.

 

Bill, as I see it, more & more people would be placing their machines in sleep/standby mode & not switching them off. The future OS would itself made it so easy that it couldn't have even Shut Down option & a day may come when the computers may not even have a switch button [cost cutting].

Though technically its got nothing to do with RAM but you never know.

Just my thoughts.

 

The OP is talking about RAM "permanently" retaining a virus that may then infect a different computer should that RAM be removed from one computer and installed in another. This has nothing to do with sleep mode or standby modes.

So to reiterate, there is no way volatile memory such as RAM (DDR, SDRAM, DDR2, DDR3, etc.) will retain any data once power is removed. This includes "standby mode" which is shutting down but keeping the PSU plugged in (and if equipped, the PSU master switch on back is set to on).

If hardware designers require permanently retainment of data, they will use non-volatile memory devices.

Volatile vs Non-volatile Memory

 

Thank you.

Even though this did turn into a discussion, I think I've got it. Sorry it took me so long to respond. Life has a way of taking us away from other things that get in the way..of well, these things.

Sorry and thanks.

Tim

 

I've just done upgrades to my eledrly emachines box. A dying motherboard-resident video driver has been replaced by an AGP card and I've increased RAM from a single 512M stick to a pair of 1GB sticks. The box really flies through routine tasks now, but an annoying glitch pops up every 45 minutes or so.

The system will suddenly, without any input from me, go into a re-boot. With just the AGP card addition, I wasn't having this problem. It has cropped up after the RAM upgrade. A couple of times it went to the BSOD and included a MS diagnostic saying it had shut down to prevent loss of data.

I still get occasional hang-ups during boot, where the desktop wallpaper comes up, but the icons and task bar don't In that case, I have to use the front panel power switch to restart. It was doing this stunt before any of the upgrades.

I'm thinking that maybe Windows has got a problem. I've run Malwarebytes and cleared the glitches it found, I've run CCleaner and cleaned up cookies and registry issues. When it's in the XP "Progress" screen, the three blue dots do a brief stop several times. I haven't seen that before.

My next step is to transfer all the programs off the C: drive to another one (designated F and re-intall Windows, then put everything back.

Any ideas? BTW, if you guys want to start a new string with this post, please go ahead.

 

OK, Evan, I'll re-post the query as a new thread. It didn't dawn on me until after I'd posted that the thread was marked "Resolved ". Mea Culpa.

 

@fdamp - please note the fact it is resolved has nothing to do with it. Proper forum etiquette (across the Internet, not just here) says you should not "hijack" someone else's thread for your own problem. That is not fair to the OP as it take focus off of him and his problem. And while we may think we have the exact same problem as the OP, it is highly unlikely the hardware is the exact same, the software is the exact same, it connects to the Internet in the exact same way, etc. It may not even be the same version of Windows.

So you need to start your own thread for your own problem so you receive the dedicated attention you deserve too.

 

Sorry for posting in this "resolved" thread, but first step has been taken for installing virus in RAM.

Java-based Web attack installs hard-to-detect malware in RAM.

It may not be the same thing, but its an advancement none the less.

 

Yeah, it is quite different. In that Java-based attack, the virus is saved in RAM, but ONLY when the computer is up and running, and totally lost if ever shut down or rebooted. The malicious code is NOT permanently "stored" in the RAM module, and it cannot be transferred to another computer by physically installing that RAM module in the 2nd computer. As clearly noted in that article,

Bottom line: RAM is volatile memory. Therefore, it cannot store any code - malicious or otherwise - without power.

To be truthful, I don't think that article was well written. What is clever about the malware was how it was delivered, not that it hides in RAM. Most malware comes from a downloaded file that is saved somewhere on a drive. This one is downloaded directly into RAM from a compromised or malicious site without any file saved (and able to be scanned). But note virtually all anti-malware programs scan memory looking for malicious activity. So if you keep your anti-malware solution updated and running in real-time, and your computer/OS fully updated and patched, I don't see this as a threat.

If you live in Russia or some other country that supports or at least condones software piracy, and/or you are using an illegal and less secure copy of Windows, then you might worry. If you are fairly disciplined at keeping your system and programs current, you use a real-time anti-malware solution, and you don't participate in risky behavior, this is not a threat - especially in light of the thread topic of code surviving in loose (not installed) RAM modules.

Note Java fixed the vulnerability last October and Microsoft and other anti-malware providers released signature/definition file updates within a couple weeks for this threat. See Exploit: Java/CVE-2011-3544.A.