One way of getting ridding of Virus Infections has been to reinstall the operating system.

Russian state-sponsored hackers now appear to be using malware that can persist on Windows PCs even after the OS has been reinstalled.

The attack targeted the computer’s UEFI, which stands for Unified Extensible Firmware Interface, and is used to boot up the system. By re-writing the UEFI, the malware can persist inside the computer’s flash memory, allowing it to survive operating system reinstalls and hard disk replacements.

Getting rid of the malware means going in and over-writing the flash storage’s memory, “an operation not commonly done and certainly not by the typical user,” ESET said in a blog post.

ESET refrained from naming the owner of the infected computer, but the security firm said it has detected Fancy Bear using different components of Lojax on government organizations based in the Balkans and other Central and Eastern European countries.

The good news is that you can block the Lojax attack through a PC industry feature called Secure Boot, which will check to see that all your PC parts, including the firmware, are authenticated with a valid code-signing certificate from the manufacturers. The Lojax malware will fail to pass this check. Secure Boot is usually activated by default in Windows 10. To toggle it on or off, you’ll likely have to restart your PC, and go into the BIOS to access the feature.

ESET also recommends PC owners keep the firmware on their motherboard updated to prevent hackers from exploiting vulnerabilities in the code.

This article was featured on PC Mag.

If you feel that you have been a victim of this type of virus you will need to bring in your unit for Deluxe Virus Removal