Author Topic: BIOS/CMOS affecting virus possible?  (Read 3585 times)
Batch
Not a Batch

« on: Monday, March 21, 2011, 13:31:38 »

OK I'll keep it brief.

Looked at a friend's computer the other day as it "wouldn't boot". Turned out that the BIOS settings seemed to be 'unset', like the CMOS battery was flat. Time and date were definitely reset back.

So set the time, date, saved and exited. Installed free virus checker (MSE) and ran it, found a couple of pron diallers, not much else. Upgraded to XP SP3. Left it turned off for a couple of days, still started fine.

So far so good.

Powered off my PC a day or two after. Turned it on and got a "CMOS battery low...". That's a coincidence I think, but it is an old Dell PC so probably just a coincidence.

Popped "repaired" PC over to friend. They have borrowed another one in the meantime and wanted me to swap monitor over. Blow me, same "press F1 for default, F2 to enter setup" when powered on.

So are there any known viruses that can do this? I've had a quick google but can't find anything targeting BIOS settings/time and date settings. Seems a bit low level for a virus to attack, that said I know chuff all about BIOS access.

Any ideas, or shall I chalk it up to one big coincidence?

Don Rogers Shop

« Reply #1 on: Monday, March 21, 2011, 13:38:35 »

Brief? That's a fucking essay
Batch
Not a Batch

« Reply #2 on: Monday, March 21, 2011, 13:41:07 »

Brief? That's a fucking essay

You just have a low attention span.
Samdy Gray
Dirty sneaky traitor weasel

« Reply #3 on: Monday, March 21, 2011, 13:45:47 »

I have read about BIOS rootkits. They're rare, but it is possible.

Not sure if any AV can detect an infected BIOS. The thing about BIOS rootkits is they run completely independently of the OS.

The only way to get rid would be to reflash the BIOS or even replace the BIOS chip.

Batch
Not a Batch

« Reply #4 on: Monday, March 21, 2011, 13:49:37 »

Thanks Samdy.

Hmmm. Thinking about it, if there was something nasty going about it would surely be a) BIOS specific* and b) all over the net by now.

* I guess there are standard BIOS APIs, but to permanently alter the BIOS would require flashing the device, which would be BIOS specific.

Probably just one big coincidence.
Samdy Gray
Dirty sneaky traitor weasel

« Reply #5 on: Monday, March 21, 2011, 13:53:06 »

Plus most BIOS will come 'locked' so you have to move a jumper or change a BIOS setting before you can flash it.
Simon Pieman
Original Wanker





« Reply #6 on: Monday, March 21, 2011, 21:33:40 »

Dell have BIOS flash utilities in their support pages, try that. I take it you did replace the battery?
Batch
Not a Batch

« Reply #7 on: Monday, March 21, 2011, 22:07:06 »

Dell have BIOS flash utilities in their support pages, try that. I take it you did replace the battery?

Not replaced it yet. I was just suspicious that I saw similar symptoms on 3 different PCs within a couple of days.
Simon Pieman
Original Wanker





« Reply #8 on: Monday, March 21, 2011, 22:26:23 »

Ah ok, I don't think I understood that bit.

You can get a CMOS virus, but anti-virus software should detect it.
cavpete

« Reply #9 on: Tuesday, March 22, 2011, 09:16:30 »

Wouldn't taking the battery out and unplugging it for a while make the BIOS go back to factory settings? Then put it back, hopefully correcting the issue. Not heard much about BIOS viruses, as flashing/updating should solve it.