Can a virus attach to the BIOS and require a new mobo to clean?

R

Rikki

2[H]4U
Joined
Oct 8, 2000
Messages
2,302
I know that sounds like a competey newbie question and my gut reaction to it is of course - NO of course not. But I just wanted to ask and be 100% certain as a friend has been told by a reputable repair place that his machine is infected in "track 0" of the HDD and also the BIOS and that means he NEEDs a new mobo and HDD.

Back when I was into PC's in a big way that was a lot of horsesh1t and I was wondering if by some freak of nature that it was now possible - there was a time when it was laughable that viewing a JPEG could infect your pc LOL.

Many thanks folks,

Rikki
 
I dont know much on the subject, but after looking around it seems like a few years back the CIH virus could screw up the BIOS. It looks like most moderm motherboards have protections to disallow this from happening, but then again it is possible to flash ones BIOS inside windows these days, I guess theres nothing stopping a virus from corrupting it. I would ask the name of the virus if the place knows and and do some research on it first. Maybe even email a company that makes antivirus software like norton and ask them what they think. Also ask if your motherboard has a removable BIOS chip, maybe you could just replace that.
Anyways Good Luck, and what a bummer.
 
Hmmm.....on the BIOS, I'd say "no". BIOS is stored in CMOS, so even if you could get a virus in the CMOS, you could pull the battery / clear the CMOS and flash it to the latest revison...and you should be good.

"Track0" on the hard drive is a little different. I can recall boot sector virus' that would indeed live through a format. The command:

format c: /mbr

....used to work in that it would instruct the system to overrite the "master boot record" and that would fix it up, but I haven't used it in so long, I don't know if XP still recognizes it. Other OS's....not sure.

Good Luck - B.B.S.
 
Thanks for the info guys.

The more I look into it the more I smell a rat. True you can rewrite a BIOS but to actually put an executable virus in there would be very hard as all BIOS' on all Mobo's are different and if it was possible to insert code into one, it wouldnt work on them all. And writing garbage to the chip would render the system unbootable.

I've also not been able to find any boot sector viruses that live happily with Windows XP and run in the background. The boot sector is 512 bytes long and runs in real mode, XP is a 32bit system and runs in protected mode so any real mode access should be disabled.

The two names given by the shop were :

Bagle

and

Blaster

Both of which as far as I can see are worms and do not write to the boot sector or BIOS in anyway.

Thanks for all your help on this one!

R.
 
I recall years ago there being a virus that could "infect" your bios, but outside of that I dont recall the name or what it actually did.

Before replaceing a mobo for a defunct bios I would flash it. If his bios is acting funny give that a shot.
 
why the heck could you not boot from a clean write portected dos floppy disk or even a bootable CD made on a clean computer and reflash the bios and low level factory format the HD as well. There are tools to recreate the boot sector and any decent computer shop has the floppy/cd sitting on the bench already.

Pure bullshit. you bud is being taken for a ride IMO or at best the shop is incompentent.
 
I'd say the shop is both incompetent but wants your money as well.

-J.
 
They are feeding you BS. Take the machine back, reformat and reinstall, and you'll be fine. Also tell them that you know about their BS and they better not feed it to others or else expect a nasty lawsuit.
 
I know there were some viruses that affected the BIOS. They would mostly just wipe out whatever settings you had in there each time the system was booted and you would have to go back in and redo them. The ones I can remember were "anticmos" viruses with variations like a, b or c. They didn't actually damage the BIOS though, just wiped out custom settings.
 
Virii that affected Bioses would wipe them and render the motherboard useless until the Bios chip was replaced or reflashed to restore the data contents.

Bios data IS NOT stored in CMOS, it's stored in a EEPROM (Electronically Erasable Programable Read Only Memory). Date, time, IRQ routing, enable/disable switches for hardware, boot order and drive type are stored in CMOS.

Virii can infect track 0 of a disk but a low level format or a repartition of the drive wil wipe that out. Also nearly every antivirus program on the market today can clean these out, they're legacy virii from the DOS era.

Tell the shop to stop trying to scam their customers, report them to the BBB and get the system back.
 
The_Mage18 said:
Bios data IS NOT stored in CMOS, it's stored in a EEPROM (Electronically Erasable Programable Read Only Memory). Date, time, IRQ routing, enable/disable switches for hardware, boot order and drive type are stored in CMOS.
Click to expand...
....you are correct. Register contents only in the CMOS, the BIOS in an EEPROM. First clue should have been the fact that it's non-volitle (more coffee there, B.B.S.....:rolleyes: ). But - you could still wipe and re-burn the EEPROM with a new version of the BIOS and be good to go, I believe, so we basically agree though I boogered up the details.....:D


The_Mage18 said:
Tell the shop to stop trying to scam their customers, report them to the BBB and get the system back.
Click to expand...
...yep. What he said.....

Regards - B.B.S.
 
BlindedByScience said:
But - you could still wipe and re-burn the EEPROM with a new version of the BIOS and be good to go, I believe, so we basically agree though I boogered up the details.....:D
Click to expand...

Hot flashes are fun! :D

Saved several motherboards that way. ;)
 
You must log in or register to reply here.
Back
Top