Who (or what) is setting BIOS password?

Recently, when trying to enter BIOS (an Asus motherboard), I was asked for a password. I have never set a password. Thus, the fact that I was asked for a password is unusual. I shutdown the computer, removed the CMOS battery, waited for a while, then started up the computer and hit "DEL" to enter the BIOS. This time, I was NOT asked for a password. I then boot into Windows 7 and restarted the computer. When trying to enter BIOS during this startup, I WAS asked for a password again.

Summary:

1. remove power cord, remove CMOS battery, put everything back, start the computer - no password request
2. afterwards, boot into Windows 7, restart the computer - BIOS asks for a password.

It seems to me a trojan on the harddisk is setting a BIOS password. Is this a valid interpretation of the above behavior?

I have scanned the harddisk with tdsskiller, rkill, aswmbr, AVG. They found nothing. I have used aswmbr to rewrite the MBR, run "bootrec "/fixboot" or "/fixmbr". The password request persists.

For now, I leave the computer alone. But I am thinking perhaps I should try a low level reformat of the harddisk to see if it can stop the password setting behavior. If I do that, I'll have to reinstall and update the Windows. It'll take many hours. I don't want to do it if I don't have to.

Thanks for the reply.

The desktop has been around for about a year. It was recently recovered (or maybe not?) from a virus (or viruses?) attack.

https://www.sevenforums.com/system-se...-name-exe.html

Computer specs? Is it a desktop or laptop?

For malware to change a BIOS password is barely possible but highly unlikely. The BIOS is proprietary and information about where and how BIOS passwords are stored is deliberately undocumented.

Have you tried to properly reset the CMOS? Look at the motherboard manual for the reset jumper, there is always one that, when switches, completely clears the memory and all its settings. Switch the jumper to the "delete" position for a few seconds, then place it back where it was. Usually it's located near the battery but be sure and look in the manuals.

Then enter BIOS again, password should be gone forever.
It's rare to be a virus changing this, but it's not technically impossible. But for such level of an access, a driver is most likely needed, and for rootkits often the only sure way is to reformat and wipe the current install. I would seriously consider that if the problem persist.

Thanks to everyone who replies to my problem.

The motherboard indeed has uefi. I have yet to find out the motherboard model number so to download its manual. Beside the password, everything else seems to work fine. Thus, I'm not in a hurry to figure out what's going on. I don't think the BIOS is permanently changed since removing battery gets rid of the problem (for once only).