Can't get rid of BIOS virus attack

[qwerty_steve]

Hi there,

My brother recently in his search for online women clicked on and installed spyware which is proving to be very nasty indeed. His bank informed us that luckily they could not access the last two digits of his credit card number!!

The spyware has attacked the BIOS and I am finding it very difficult to remove. I have purchased a new hard drive, flashed the BIOS (then connected the hard drive) and the computer is still behaving badly (shutting down frequently in the initial stages of installing windows).

This article on Tom's seems to sum up the type of attack I am currently dealing with:

http://www.tomshardware.com/news/bios-virus-rootkit-security-backdoor,7400.html

Based on the above I have 2 questions:

1. Do I now go about getting a new BIOS chip? I'm thinking I'll leave it to the local computer shop to do this as it appears you need a special tool.

2. Now that I have connected the new hard drive to the system, it is highly probable that the hard drive is now infected too. Am I up for a new chip/motherboard + hard drive (again) to finally remove this vile piece of work?

Replies greatly and humbly appreciated.
Steve.

 

[mikey5802]

According to that article, getting a new BIOS chip may be your only hope Luke. I think your your best option at this point would be to leave it to the computer repair shop, and have them replace the chip and make sure the HDD isn't infected, or buy a new MOBO, whichever is cheaper, but definately make sure the HDD is clean. Then find the guy that wrote the virus and cut off his cajonies.

And let your brother pick up the tab as well.

 

[qwerty_steve]

Hmm yes good advice... What chances are there that the new HDD is infected? Should I not run the risk and just buy another one or is there any other solution?

 

[qwerty_steve]

I think I've thought of the best solution... Based on the article it mentions password protecting the BIOS to avoid this nasty... so I'll buy a new motherboard, password protect it and then test the new and old hard drives that are infected. That way I'm only up for a new motherboard. I'd advise everyone to password protect their BIOS too to avoid this!!

 

[captaincharisma]

i got a better system. i don't download unknown programs from porn sites like your brother

 

[qwerty_steve]

Tell me about it.. Blood is thick as they say 😛

P.S. BIOS passwords won't solve the issue upon further reading, but if you know what you're doing this won't be a problem in the first place.

 

[virus h8tr]

When you get your new Mobo, make sure it has dual bios.

 

[mosox]

How do you know there's a virus in the BIOS?

Run all this
http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml
http://www.softpedia.com/get/Antivirus/a-squared-a2-Free.shtml


If necessary run that
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

 

[delluser1]

My son likes to do that kind of crap.
Kaspersy rescue disk will remove rootkit viruses, had to do it twice in the last week.
http://www.softpedia.com/get/Antivirus/Kaspersky-Rescue-Disk.shtml

 

[aford10]

This topic has been closed by Aford10