possible virus on ssd firmware or bios?

Status
Not open for further replies.

urbancamper

Distinguished
Apr 10, 2011
10
0
18,560
On a restart at the end of a fresh windows 7 install after all updates this popped up on restart. The same thing happened yesterday which caused me to reinstall window.

"Your system found unauthorized changes to the firmware, operating system, or UEFI. Press [N] to run the next boot device, or enter directly to the bios setup if there are no other boot devices installed. Go to bios setup>Advanced>Boot and change the current boot device into other secured boot devices."

I can navigate the bios just fine. The problem is I can't figure out what caused this. Yesterday, or any other day for that matter I did nothing that would change the operating system. No downloads, no nefarious sites that I can think of. I was able to do a complete reinstall of windows. The computer rebooted up just fine for all the updates.

I'm pretty sure firmware has to do with the ssd, and motherboard drivers. MB drivers are same they have been in a while. Have not had any firmware updates for a while either. I checked the memory. It is ok.

I am typing this on the same computer. This time all I did was get windows running, got a few basic updates so the browser works a bit better, then downloaded Chrome and Avast and installed them would really like to know what it going on before I go any further.

I'm about to check sectors on the ssd. will be back shortly. Thank you.
 
Solution
Apparently you have Secure Boot enabled in your BIOS. I dont think it is a virus, and I think you should disable Secure Boot in your BIOS/UEFI.

"Cause
This behavior may occur when Secure Boot has been enabled in your computer's BIOS. Secure Boot protects the integrity of the operating system and prevents unauthorized firmware, operating systems or UEFI drivers from interfering with the boot process.
Resolution
To work around this issue, Secure Boot must first be disabled before installing new hardware. For more information on disabling Secure Boot in your computer's BIOS, reference the manual that came with your motherboard or contact your motherboard manufacturer. If you are in an enterprise environment, contact your system...

gaborbarla

Distinguished
Feb 6, 2009
55
0
18,610
Apparently you have Secure Boot enabled in your BIOS. I dont think it is a virus, and I think you should disable Secure Boot in your BIOS/UEFI.

"Cause
This behavior may occur when Secure Boot has been enabled in your computer's BIOS. Secure Boot protects the integrity of the operating system and prevents unauthorized firmware, operating systems or UEFI drivers from interfering with the boot process.
Resolution
To work around this issue, Secure Boot must first be disabled before installing new hardware. For more information on disabling Secure Boot in your computer's BIOS, reference the manual that came with your motherboard or contact your motherboard manufacturer. If you are in an enterprise environment, contact your system administrator."

Gabor
 
Solution

urbancamper

Distinguished
Apr 10, 2011
10
0
18,560
Ok i will check it out then do another install. i do hope you are correct. Thing is I don't think I had been in the bios for a while. Oh wait, is it possible to enable secure boot through msconfig? It will be easy enough to find. It might have been done already. I did reset the bios before my latest forage reinstalling windows 7. If that is the case I did it before this current install.
 

urbancamper

Distinguished
Apr 10, 2011
10
0
18,560
I found some stuff on it online. I now have a rudimentary idea of how it works. What it does is check for signed drivers. If a driver is unsigned it will at first try to fix the issue if it can't it may cause a lockout.

So i was looking at it in the bios and there are all sorts of controls for it. I can't just turn it off. i think i founf d the right button though, and I also think I know what caused it. If this is indeed the problem.

A few hours earlier I installed the latest beta amd driver. I know it was unsigned because i did a Dxdiag on the system after the install. Anyway on the next update restart I will investigate the Boot logger some more.

 

urbancamper

Distinguished
Apr 10, 2011
10
0
18,560
I think I have it now. To disable Secure boot i would have to clear PK Management. I am almost sure you are correct in your assessment. I forgot to write down that there was another boot option that was strange looking in the bios when all this went down. Forget the name of it but i am sure that secure Boot generated this to try and get me logged in.

I found the article that helped me to somewhat understand this here.

https://technet.microsoft.com/en-us/library/hh824987.aspx

Boy is this post in the wrong place. sorry about that and thank you for the help.
 

gaborbarla

Distinguished
Feb 6, 2009
55
0
18,610


You had valid concerns and firmware viruses do exist, so this does belong here as that was your concern.

Hope all goes well,
Gabor

 
Status
Not open for further replies.