Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Thursday 21.11.2024 / 10:20
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - general discussion > malware removes the ability to select a boot device
Show topics
 
Forums
Forums
malware removes the ability to select a boot device
  Jump to:
 
Posted Message
Mez
AfterDawn Addict
_ 		23. July 2013 @ 10:03 _ Link to this message    Send private message to this user   
Does anyone know how malware could remove the ability to select a boot device? It also distroys the system restore records dated before it took over the computer so there is no easy fix. Actually there is no fix if you can only boot from C:. I bought system restore disks then discovered I couldn't use them. I took the computer over to my favorite computer repair with the disks and let them do it. I got the minimum charge. If the disk was a 3.5" I would have pulled the disk and low level reformatted it as an external disk. I have pricesd out an external adapter that will do 5.25 - 2.5 and IDE as well as SATA. Before I plunk down the cash I am wondering if there is a smarter way. The adapter is cheaper than the minimum charge so I will buy it if I can't figure out a better way. I expect I will see that problem again.
[ + quote]

This message has been edited since posting. Last time this message was edited on 23. July 2013 @ 10:05
Advertisement
_ 		__
attar
AfterDawn Addict
_ 		23. July 2013 @ 10:34 _ Link to this message    Send private message to this user   
If it was a virus that managed to flash the bios? - but then you could reflash the bios to get rid of that, then check the machine for whatever did it initially.
[ + quote]
ddp
Moderator
_ 		23. July 2013 @ 12:21 _ Link to this message    Send private message to this user   
malware doesn't touch bios but virus does. enable the flash protection in the bios once bios reflashed.
[ + quote]
Mez
AfterDawn Addict
_ 		25. July 2013 @ 15:18 _ Link to this message    Send private message to this user   
Yes ddp is probably correct. Unfortunatly, how the malware infection is carried out is by connecting your computer to a hacker's server which breaks through your filewall then steals any password files or any files that contain FTP info, analyses your computer then replaces certain exes and/or DLLs on your computer. If the hacker wanted to update your BIOS it could. The beauty of this is there is no virus signiture, if you run HiJackThis you will see nothing suspicious ect. It is 100% stealth. They all use VPN to connect with the 'mother ship'. The connection between your computer and the hacker's computer is created by an injection port on an infected web page. Opening the page opens the connection.

The computer was a Win 7 computer and the boot timeout was probably set to 0. The only way to get into the BIOS would be to create a hardware boot failure but that will still not change the boot time. Even if I press the key for the boot device selection it will not be on the screen long enough to use it. I have downloaded an editor that will allow be to inspect and modify the settings. I think I will still buy the adapter. Not only is it one more tool in my bag of tricks but I can see what is on a few old IDE drives that are sitting in my office collecting dust. If they are small and have nothing I want I can chuck them but some are pretty big. Great for system backups I might use once a year or less. When not used they will be sitting collecting dust. Right now my backups are on some general storage devices that get accessed at least once a month. I doubt that the malware is smart enough to find and destroy backups but it is possible.
[ + quote]
ddp
Moderator
_ 		25. July 2013 @ 16:20 _ Link to this message    Send private message to this user   
try resetting the cmos. other option is if bios chip is in a socket then might be possible to get a new pre-programmed bios chip.
[ + quote]
scorpNZ
AfterDawn Addict

4 product reviews
_ 		25. July 2013 @ 18:08 _ Link to this message    Send private message to this user   
Couldn't BIOS just be restored by placing jumper to it's recovery option assuming it has one you know the thing if you stuff up a flash or whatever
[ + quote]
http://www.afterdawn.com/guides/
ddp
Moderator
_ 		25. July 2013 @ 18:21 _ Link to this message    Send private message to this user   
that is what resetting the cmos does & if no jumper, disconnect external power cord then remove cmos battery. i have a board from a customer which the programming on the bios chip was corrupted so i am going to reflash the bios if i can get it to boot off a floppy or pay $15 for new programmed bios chip.
[ + quote]
Mez
AfterDawn Addict
_ 		25. July 2013 @ 22:32 _ Link to this message    Send private message to this user   
Yes I could have done that. Except, I do not think the BIOS was tampered with. There is no setting to disable the boot menu that is hard wired. The hang time in Win 7 is regulated by the OS which can be modified.
[ + quote]
ddp
Moderator
_ 		25. July 2013 @ 22:44 _ Link to this message    Send private message to this user   
the boot device is set with the bios not windows unless you have a real real old board which you don't.
[ + quote]
Mez
AfterDawn Addict
_ 		26. July 2013 @ 11:36 _ Link to this message    Send private message to this user   
If you say so. What I am sure of is to get something other that a HD to be used as a boot device you can either press F12 which brings you to a BIOS menu and select any type of device or press F7 and select a CD using the OS. The bootup went directly to windows start.
[ + quote]
ddp
Moderator
_ 		26. July 2013 @ 17:28 _ Link to this message    Send private message to this user   
when you selected to boot from dvd with the 1st recovery disk in the dvd drive, it went to windows start instead? try to boot another computer with that disk to see if does same thing or it boots off the dvd to load win7.
[ + quote]
Advertisement
_ 		__
 
_
Mez
AfterDawn Addict
_ 		28. July 2013 @ 11:47 _ Link to this message    Send private message to this user   
As I mentioned in the opening post, I had a local family run shop do the fix. My inquiry was for a future infection. I bought a USB HD cheap-o adapter for less than $20. The next time my daughter's computer gets infected I will learn if it is the BIOS or hard disk. I am sure it is the hard disk since there only a few OSs while there may be hundreds of BIOS to create an attack plan for. The attacks are preformed by robots not humans.

I have seriously upgrade the firewall. This is a warning for anyone reading this post. I installed the firewall before I connected to the network. As soon as I plugged it in the fire wall asked me if I wanted to allow incoming connection. The attack took less than a second. If you install a 'fresh' system do not have it connected to the internet until you have a firewall up and running. If not it will be infected before you are finished installing everything.
[ + quote]
afterdawn.com > forums > software, operating systems and more > windows - general discussion > malware removes the ability to select a boot device
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork