TGS Forum
Hello Guest,

You are currently viewing our boards as a guest, which gives you limited access to view most discussions and access our other features.

By joining this community for FREE, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, & many other special features.

Registration is fast, simple & absolutely free, so please, join our community today!
TGS Forum
Hello Guest,

You are currently viewing our boards as a guest, which gives you limited access to view most discussions and access our other features.

By joining this community for FREE, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, & many other special features.

Registration is fast, simple & absolutely free, so please, join our community today!
TGS Forum
Would you like to react to this message? Create an account in a few clicks or log in to continue.


 
PortalHomeLatest imagesRegisterLog in

 

 BIOS based Virus found

Go down 
AuthorMessage
L30_Ph3niX
Grade - 2
Grade - 2
L30_Ph3niX


Points : 113
Posts : 56
Join date : 2011-08-12
Age : 32
Location : Greater Noida

BIOS based Virus found Empty
PostSubject: BIOS based Virus found   BIOS based Virus found Icon_minitimeTue Sep 20, 2011 2:44 am

A Chinese AV company 360 discovered a new Trojan, the “BMW Virus” (also called Mebromi), that can actually infect a computers BIOS:

Quote :
“BMW 360 Security Center virus is the latest catch of a high-risk virus, the virus that infected a chain BIOS (motherboard chip program), MBR (master boot drive) and Windows system files, reinstall the system, regardless of the victim computer, format the hard disk, or replace the hard disk can not completely remove the virus.”

BIOS based Virus found 2502d2aqd26.0af893

It uses the CBROM command-line tool to hook its extension into the BIOS. The next time the system boots, the BIOS extension adds additional code to the hard drive's master boot record (MBR) in order to infect the winlogon.exe / winnt.exe processes on Windows XP and 2003 / Windows 2000 before Windows boots. The next time Windows launches, the malicious code downloads a rootkit to prevent the drive's MBR from being cleaned by a virus scanner. But even if the drive is cleaned, the whole infection routine is repeated the next time the BIOS module is booted. Mebromi can also survive a change of hard drive. If the computer doesn't use an Award BIOS, the contaminant simply infects the MBR.

BIOS based Virus found 2e01b41qd40.450d5b

If the system uses a BIOS other than Award, the Trojan skips trying to write to the BIOS, but still tries to infect the MBR of the boot hard drive.Removing the virus from the MBR and infected files really has no effect, because as soon as the system is restarted, the BIOS is read and the computer re-infected again.Seeming most virus companies will not want to create a BIOS cleaning utility, most likely the BIOS would need to be re-flashed to remove the virus infection completely.



News Credit to : THN
Back to top Go down
http://www.encode.co.in
 
BIOS based Virus found
Back to top 
Page 1 of 1
 Similar topics
-
» Samsung to launch Android 4.0-based Nexus Prime
» Bangalore-based EAFT launches 10.1-inch Android Tablet 'MagicTile Marathon'
» Nokia unveils the MeeGo-based Nokia N9
» ESET NOD32 ANTI-VIRUS ID AND PASSWORDS release 2011-11-21 (09:02:28)
» 'ORDER BY' Doesn't work? Look here [String Based Tutorial]

Permissions in this forum:You cannot reply to topics in this forum
TGS Forum :: News Section :: Tech News-
Jump to:  
Create a forum on Forumotion | ©phpBB | Free forum support | Report an abuse | Cookies | Forumotion.com