A Digital Age Deserves A Digital Leader

Bios Viruses

Bios Viruses

Postby jcook89 » Wed Mar 21, 2007 1:59 am

A couple of us found a bios virus on my friends computer. I have never heard of them before and I heard they are pretty rare. How did he get a bios virus? And how do you remove one? Also, how common are they and do they spread between computers on a network? Another friend fixed it for him so it currently works. I am just curious. :roleeyes
<a href="http://www.zdcd.org">my blog</a>
PRO Level 3
Posts: 51
Joined: Sat Sep 24, 2005 3:50 am
Location: USA

Postby SCgone » Wed Mar 21, 2007 2:17 am

How did you find the bios virus to start with. They are so rare, that they are almost considered mythical. If takes an almost...well, I don't want to insult anyone, but someone would have to be almost clueless to get a bios virus. You would either have to boot from a floppy or flash their bios with an infected flash file. I would be very suspect of an antivirus program catching a bios virus. Also, what were the symptoms of the virus.
PRO PLATINUM
Posts: 6879
Joined: Thu Mar 14, 2002 11:59 pm
Location: South Carolina, USA

Postby jcook89 » Wed Mar 21, 2007 2:29 am

We stumbled on it. I reformatted the hard drive and the symptoms were still there. Another friend flashed the bios again and that fixed the problem. The pc would restart randomly, not boot at all and when it did get into windows xp it would be extremely slow. He didn't change anything and never touched the bios at all. The only thing he does is play games and download from limewire. I'm sort of skeptical of it being a bios virus but i have heard legends that they exist.
<a href="http://www.zdcd.org">my blog</a>
PRO Level 3
Posts: 51
Joined: Sat Sep 24, 2005 3:50 am
Location: USA

Postby SCgone » Wed Mar 21, 2007 2:34 am

I could see a boot sector virus a lot quicker than a bios virus. There is I believe a CIH virus around but I believe it supposedly destroyed the bios. But a bios virus from just running a program is highly doubtful unless it was a flash program. If his bios has an boot virus option I would suggest enabling it. A normal format wouldn't destroy a boot sector virus and those symptons are those of a boot sector virus also.
PRO PLATINUM
Posts: 6879
Joined: Thu Mar 14, 2002 11:59 pm
Location: South Carolina, USA

Postby jcook89 » Wed Mar 21, 2007 2:49 am

I though it was a boot sector virus as well. But would the complete reformat on the windows xp pro sp2 not get rid of it? The virus scan also didn't detect it but it was avg free. I think the boot sector virus is more likely because I can't even find info on bios viruses. I would think it would be hard to make a bios virus that would flash the bios automatically and without the user knowing.
<a href="http://www.zdcd.org">my blog</a>
PRO Level 3
Posts: 51
Joined: Sat Sep 24, 2005 3:50 am
Location: USA

Postby SCgone » Wed Mar 21, 2007 2:52 am

No, a regular format won't remove a boot sector virus. To do that you would need to do a low level format and write o's to the drive. That's the only thing that reverts a drive back to factory specifications, less the wear and tear.
PRO PLATINUM
Posts: 6879
Joined: Thu Mar 14, 2002 11:59 pm
Location: South Carolina, USA

Postby NT50 » Wed Mar 21, 2007 3:02 am

Could you run from a boot disk the fdisk /mbr or from a BartPE disk (or similar) run fixmbr. Woudl that not clear the boot sector virus?

As for BIOS virus, I have never run into one in my whole career
Dogs Have Owners; Cats Have Staff
PROfessional Member
User avatar
Posts: 8220
Joined: Sat Jun 19, 2004 4:46 pm
Location: Jackson, TN USA
Real Name: Jeff Replogle

Postby c0ldfyr3 » Wed Mar 21, 2007 3:24 am

a debug gets rid of a boot sector virus as far as i know.

If you need help on debug info here http://www.pro-networks.org/forum/viewtopic.php?t=71944
Image
PRO Level 15
User avatar
Posts: 1346
Joined: Sun May 02, 2004 8:49 pm
Location: 127.0.0.1

Postby jcook89 » Wed Mar 21, 2007 3:35 am

well the virus has already been removed and a flashed bios and reformated hard drive fixed the problem. I only started fixing the computer and another friend finished. So I am not sure of the details of how it was fixed but he said it was bios virus. I think he got it confused with a boot sector virus. I thought I was a witness to a rare bios virus :( But i guess it will remain a legend
<a href="http://www.zdcd.org">my blog</a>
PRO Level 3
Posts: 51
Joined: Sat Sep 24, 2005 3:50 am
Location: USA

Return to Security & Virus

Who is online

Users browsing this forum: No registered users and 4 guests

cron
cron