Windows 7 Forums


Windows 7: BIOS virus and custom format from Windows 7.

12 Nov 2011   #31
gregrocker

 

There is something I suspect is in the boot sector of the HD which Cleaning with Diskpart will solve on installation failures. It works quite frequently. We once thought it required Clean All but that is overkill since it works just as well with Clean. It is one of our first troubleshooting steps for Install failures. I'd like to know exactly what it is, assuming it's corrupt boot code.

Recently we had 2 cases in a row where BIOS wouldn't budge past POST with HD attached, where Cleaning solved it and allowed reinstall. It's a clue.


12 Nov 2011   #32
carwiz

Windows 7 Pro-x64
 
 

I'm pretty sure you already know this but I've quoted a summation of the interaction of the BIOS with the boot sector for folks that are trying to follow this. Also add CD to the floppy and USB groups below. (These have VBRs) I've also underlined in the quote what you are probably seeing/fixing.

Quote:
On IBM PC compatible machines, the BIOS is ignorant of the distinction between Volume Boot Records (VBRs) and Master Boot Records (MBRs), and of partitioning. The firmware simply loads and runs the first sector of the storage device. If the device is a floppy or USB flash drive, that will be a VBR. If the device is a hard disk, that will be an MBR. It is the code in the MBR which generally understands disk partitioning, and in turn, is responsible for loading and running the VBR of whichever primary partition is set to boot (the active partition). The VBR then loads a second-stage bootloader from another location on the disk.

Furthermore, whatever is stored in the first sector of a floppy diskette, USB device, hard disk or any other bootable storage device, is not required to immediately load any bootstrap code for an OS, if ever. The BIOS merely passes control to whatever exists there, as long as the sector meets the very simple qualification of having the boot record signature of 0x55, 0xAA in its last two bytes. This is why it's easy to replace the usual bootstrap code found in an MBR with more complex loaders, even large multi-functional boot managers (programs stored elsewhere on the device which can run without an operating system), allowing users a number of choices in what occurs next. With this kind of freedom, abuse often occurs in the form of boot sector viruses.
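Added example, not part of the original posts: a Python sketch of the first-sector layout the quote in post #32 describes, which checks the 0x55 0xAA signature, lists the partition entries and compares a hash of the bootstrap code against a known-good baseline. The function names and sample bytes are constructed for illustration; it assumes the classic MBR layout (440 bytes of code, disk signature at offset 440, partition table at offset 446).

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440       # bootstrap code; bytes 440-445 hold the disk signature
PART_TABLE_OFF = 446      # four 16-byte partition entries
SIGNATURE = b"\x55\xaa"   # boot record signature in the last two bytes


def parse_mbr(sector):
    """Split one 512-byte first sector into the parts the quoted text names."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    parts = []
    for i in range(4):
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, size
        status, ptype, lba, count = struct.unpack_from(
            "<B3xB3xII", sector, PART_TABLE_OFF + 16 * i)
        if ptype:  # type 0 marks an unused entry
            parts.append({"index": i, "active": status == 0x80,
                          "type": ptype, "lba_start": lba, "sectors": count})
    return {"signature_ok": sector[510:] == SIGNATURE,
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts}


def audit_mbr(sector, baseline_sha256):
    """Return findings for a sector compared against a known-good code hash."""
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("no 0x55 0xAA signature: fails the BIOS boot check")
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("bootstrap code differs from baseline")
    if sum(p["active"] for p in info["partitions"]) != 1:
        findings.append("expected exactly one active partition")
    return findings


def build_sample(boot_code):
    """Constructed sample sector: one active type-0x07 partition at LBA 2048."""
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    body = boot_code.ljust(BOOT_CODE_LEN, b"\x00") + b"\x00" * 6
    return body + entry + b"\x00" * 48 + SIGNATURE


CLEAN = build_sample(b"\xfa\x33\xc0")            # constructed placeholder bytes
BASELINE = parse_mbr(CLEAN)["boot_code_sha256"]
ALTERED = build_sample(b"\xfa\x33\xc0\x90")      # same layout, code changed
```

The hash deliberately stops at byte 440 so that the per-disk signature and the partition table do not make every disk look different from the baseline.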
12 Nov 2011   #33
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

You might find this article about tdss.tdl4 interesting:
TDSS. TDL-4 - Securelist

12 Nov 2011   #34
rubyrubyroo

MS Windows 7 Home Premium SP1 64-bit (Family Pack Lic.) Upgrade
 
 

yep it overwrites the 13h interrupt in the int tbl to start the 1st portion of the loader (which is one way to stop it from reinfecting upon reboot if you must work on it)


Carwiz...any idea where I could find a BIOS set of code (any newer x64 type machine) for reading through on the subway (any format)?
12 Nov 2011   #35
carwiz

Windows 7 Pro-x64
 
 

Quote: Originally Posted by rubyrubyroo
Carwiz...any idea where I could find a BIOS set of code (any newer x64 type machine) for reading through on the subway (any format)
I haven't really looked but I'm guessing it could be extracted from a BIOS Flash.
(I won't mention how.)
12 Nov 2011   #36
rubyrubyroo

MS Windows 7 Home Premium SP1 64-bit (Family Pack Lic.) Upgrade
 
 

Of that I have no doubt, but I am sure there is some floating around out there, I was just asking if you had any idea of where, but thanks for the answer (it's probably pretty straightforward to extract, as it makes "injection" or "flashing" a more straightforward process to perform)