Can a Virus Infect the BIOS?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I'm not even sure if my PC has a virus now.
It started out with sudden rebooting.
My PC is unable to boot up at all into Windows now.
I have Avast anti virus installed and auto updates enabled and
installed.
Also did a full anti-virus scan.

There was a big yellow question mark in the Device Mngr list
pertaining to the USB bus so I disabled it.
I also disabled it in the BIOS.

Since then, when booting up, I get to the safe mode menu and select
safe mode. The screen just hangs and nothing happens.

I am going to put a new hard drive in but was wondering.....
If the PC was infected with a virus, could my new hard drive get
infected from the BIOS?

Thank you.

Nancy







Re: Can a Virus Infect the BIOS?

Nancy wrote:

Quoted text here. Click to load it
   It is possible, but i understand that boot viri are very rare these daze.

Re: Can a Virus Infect the BIOS?

On Thu, 15 Jun 2006 07:37:31 GMT, Robert Baer


Quoted text here. Click to load it


You're confused. Boot viruses affect sectors on hard drives, not the
BIOS.

Art
http://home.epix.net/~artnpeg

Re: Can a Virus Infect the BIOS?

Art wrote:

Quoted text here. Click to load it
   No; a "good" BIOS virus will write one on the HD, so that if the BIOS
was somehow "fixed", then the boot virus will rewrite the BIOS copy.
   Just like some virii hide a copy in the registry garbage pile.
   Three components: the running program, the HD file(s), and the
registry entry/entries.
   Delete any part and it will shortly pop back.
   Almost as bad as the chicken and egg "problem".


Re: Can a Virus Infect the BIOS?


|    No; a "good" BIOS virus will write one on the HD, so that if the BIOS
| was somehow "fixed", then the boot virus will rewrite the BIOS copy.
|    Just like some virii hide a copy in the registry garbage pile.
|    Three components: the running program, the HD file(s), and the
| registry entry/entries.
|    Delete any part and it will shortly pop back.
|    Almost as bad as the chicken and egg "problem".

Completely -- WRONG !

There are viruses such as the CIH (aka; Chernobyl) and Keriz that can corrupt or
erase a
Flashable BIOS that has not been write-protected but there are NO viruses that
"infect" a
BIOS.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Can a Virus Infect the BIOS?



|
| Completely -- WRONG !
|
| There are viruses such as the CIH (aka; Chernobyl) and Keriz that can corrupt
or erase a
| Flashable BIOS that has not been write-protected but there are NO viruses that
"infect" a
| BIOS.
|

Oooops.  That should have been Kriz notKeriz.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Can a Virus Infect the BIOS?

On Thu, 15 Jun 2006 21:58:57 GMT, Robert Baer

Quoted text here. Click to load it

Worthless gibberish.

Art
http://home.epix.net/~artnpeg

Re: Can a Virus Infect the BIOS?

Robert Baer wrote:

Quoted text here. Click to load it

No room.

Eventually, computers will have more memory for the BIOS or to record
drivers or part of the OS. Maybe then. Not now.

Re: Can a Virus Infect the BIOS?

Offbreed wrote:

Quoted text here. Click to load it
   "No room"???
   What about the space that is used for the "background" logo as the
computer comes on?
   That factory logo can be altered via *flashing* and with a program
usually available from the mobo maker, and there are similar programs
available on the net at no cost.
   And it is possible to write a program such that starting the program
sequence with a different byte offset gives *another* program!
   I have written programs that resided in the FAT, in the directory,
and in areas never used...on a floppy!
   There is *lots* more space in the BIOS and a whole hotel of space on
the HD!
   Remember, in the CP/M daze, there was only 64K total RAM, and 48K to
56K was the Total Programming Area (TPA).
   A word processor ran in that space, and could manipulate / edit files
that were megabytes long - easily and fast.
   "No room"???
   Guess again!

Re: Can a Virus Infect the BIOS?

Robert Baer wrote:
[snip]
Quoted text here. Click to load it

i'll be blunt... there is no such virus that does what you describe...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Can a Virus Infect the BIOS?



Quoted text here. Click to load it
|    It is possible, but i understand that boot viri are very rare these daze.

There are NO BIOS "infected" "viruses" and there are no ifectors called "viri"
or "virii".

http://spl.haxial.net/viruses.html
http://homepages.tesco.net/~J.deBoynePollard/FGA/plural-of-virus.html
http://linuxmafia.com/~rick/faq/plural-of-virus.html

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Can a Virus Infect the BIOS?

Back in the mid-late 90s, there was a virus written by some guy in
Taiwan that can effectively wipe out all the information stored in your
BIOS, it caused a lot of serious damage worldwide, but those kind of
viruses require very high privilege which I think only DOS and DOS
based Windows 98 can provide, ever since the introduction of Windows
2000, that kind of viruses become very rare, in fact, I don't think
there are many new hardware-damaging viruses  being written, and the
spread of high-speed Internet also makes worms much more appealing to
virus writer because of the speed of spreading, and those old viruses
are all ineffective if your OS are win2000 or above,  of course, I'm no
expert on virus, so there maybe something I don't know, but if your
machine has hardware problems, it's more likely to be the problem of
hardware instead of virus.


Re: Can a Virus Infect the BIOS?

wrote:

Quoted text here. Click to load it

Extremely unlikely that your BIOS was reflashed by malicious code.
In known cases of malicious BIOS reflashing, it has been a trashing
of the BIOS to the extent that the machine is completely unusable.

Art
http://home.epix.net/~artnpeg

Re: Can a Virus Infect the BIOS?

Nancy wrote:
Quoted text here. Click to load it

no, your new hard drive will not get infected from the bios...

as yet there are no viruses that live in the bios... there are a few
pieces of malware that overwrite the bios with garbage but that's as
close as it gets right now... and since you can at least get to the
screen that shows the option to boot in safe mode it would appear that
your bios is more or less ok (you wouldn't be able to get that far if it
had been overwritten by the previously mentioned malware)...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Can a Virus Infect the BIOS?

wrote:

Quoted text here. Click to load it

There was a thread here a month or two ago (or was it acv?) where the
OP reckoned his hard disk mbr was getting infected by the bios during
the power on self test phase of the boot sequence and if he moved the
hard disk to another machine it was okay. He didn't post any
meaningful evidence though so maybe he was just another usenet crank.


Jim.


Re: Can a Virus Infect the BIOS?


| wrote:
|
Quoted text here. Click to load it
| There was a thread here a month or two ago (or was it acv?) where the
| OP reckoned his hard disk mbr was getting infected by the bios during
| the power on self test phase of the boot sequence and if he moved the
| hard disk to another machine it was okay. He didn't post any
| meaningful evidence though so maybe he was just another usenet crank.
|
| Jim.

Yes James... a crank yanker.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Can a Virus Infect the BIOS?

misred2@access4less.net says...

Can you boot a boot floppy or a bootable CD?  If you can't, it ain't
your hard drive.

Quoted text here. Click to load it

Re: Can a Virus Infect the BIOS?

Thanks everyone for the interesting info.
I ended up installing one of my old hard drives.
So far so good.
I was unable to get online 'til now.
Now I can cry over the loss of a years' accumulated files...music,
pictures, etc.
I never learn.
This time I think I might try Acronis or similar program for backup.

Nancy


"Ken"  wrote in message:>
Quoted text here. Click to load it
select



Re: Can a Virus Infect the BIOS?

Nancy wrote:
Quoted text here. Click to load it

Massive bummer.

You cannot mount the bad drive as Slave or Secondary Master and get some
of your files off that way?

Re: Can a Virus Infect the BIOS?


Quoted text here. Click to load it

Many possible causes, not just viruses.

Quoted text here. Click to load it

What version of java do you have installed.  You should have
jre-1_5_0_07, and no prior versions.

Quoted text here. Click to load it

Ok this indicates at least one hardware/driver problem. First ensure
the fans on the power supply, and cpu are operating properly, and
the case openings are not clogged by dust.

Unplug, and then reconnect every connector, to ensure clean contact,
on every cable in the case.  Same with each memory card, pci card,
etc.

Quoted text here. Click to load it

It's possible that a hardware problem has now caused filesystem
corruption.

Quoted text here. Click to load it

Although in theory, it's possible for a virus to flash the bios,
there are no known viruses that will do so without corrupting
the bios to the point you wouldn't even be able to boot into
the bios setup.

As to infecting the new hd, that could only happen if you boot
 from the current hd (and it's infected), with the new hd connected.
If you boot from an installation cd, you should be ok.  Once you
boot from the installaton cd, try the repair option, to run chkdsk,
(or scandisk if this is an pre XP version of windows).

Note that you should virus scan the new hd, before booting from it,
just to ensure it doesn't come with a pre-installed virus.  That's
how I was hit with the ripper boot virus, a decade or so ago.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Site Timeline