Security Basics mailing list archives
Re: RE: Any solution for a virus in the BIOS?
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Mon, 3 Dec 2007 19:40:00 +0100
On 2007-12-02 admin () lh com wrote:
First things first, get rid of AVG Free edition and find a decent AV. AVG misses most modern anti-viruses and can be avoided easily.
Care to elaborate on that one?
Get a av that has boot sector protection. Once you've run a scan with that, it will clear things out.
Please explain how boot sector protection is supposed to help against malware living in the BIOS. You do realize that it's the BIOS that executes the boot code, don't you? Assuming the BIOS actually is infected (which isn't too clear after the OP's rather vague description) the appropriate way would be to replace the BIOS chip or flash a clean BIOS onto it using a dedicated device (*not* a PC that is booted with the potentially infected BIOS). Also examine the supposedly infected harddisk from a clean system, either by booting some live-CD after cleaning the BIOS or by attaching the disk to another system (as secondary/external disk). Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- RE: Any solution for a virus in the BIOS? whip (Dec 02)
- <Possible follow-ups>
- Re: RE: Any solution for a virus in the BIOS? admin (Dec 03)
- Re: RE: Any solution for a virus in the BIOS? Ansgar -59cobalt- Wiechers (Dec 03)
- Re: RE: Any solution for a virus in the BIOS? Michael R. Martinez (Dec 03)
- Re: Any solution for a virus in the BIOS? Ansgar -59cobalt- Wiechers (Dec 03)
- Re: Any solution for a virus in the BIOS? PCSC Information Services (Dec 04)
- Re: Any solution for a virus in the BIOS? Michael R. Martinez (Dec 04)
- Re: Any solution for a virus in the BIOS? Ansgar -59cobalt- Wiechers (Dec 04)
- Re: RE: Any solution for a virus in the BIOS? Ansgar -59cobalt- Wiechers (Dec 03)