
[–]ReeferMadness 3 insightful - 1 fun - (1 child)

Just because your virus scan didn't find the virus does not mean it's not there. It's clearly there as you can clearly see it doing its thing. You are being spied on and this lock is probably there to prevent you from doing anything that would allow you to capture their spyware.

[–][deleted] 1 insightful - 1 fun - (0 children)

The government can spy on me without a virus; Windows has a back-door — and that's a fact. It makes sense they would mess with my BIOS, though, to keep me from using operating systems that don't have a back-door, but nobody actually cares about me that much.

[–]LarrySwinger2 3 insightful - 1 fun - (1 child)

I'm writing something up for you. I just gotta leave for a couple of hours. This is nothing that can't be fixed.

[–][deleted] 2 insightful - 1 fun - (0 children)

Thanks, Larry! Feel free to take your time, because this ain't exactly a pressing issue.

[–]LarrySwinger2 2 insightful - 1 fun - (5 children)

Try to understand the problem. ReeferMadness may have a point when he says it's a virus (a rootkit, I suppose). Maybe Windows corrupts it each time on boot, or maybe it never really got out of a corrupted state. It's curious that it fails to boot multiple GNU/Linux distros, even after a BIOS update. To be safe, it's okay to assume that it's both of these issues, and to find a solution for them both.

I will say that if this is a rootkit, it's a really advanced one. I've never encountered that. But it exists. You want to do the flashing independently of the BIOS itself (since a rootkit in the BIOS may corrupt the update process otherwise).

Option A: backup BIOS

Some motherboards have a backup read-only BIOS which you can use for recovery. Check if yours does (by finding out the model name and looking it up, or by checking the manual), and if so, look up how to boot it.

Option B: DOS

If you only have one BIOS, you can flash it from within FreeDOS, if you have the appropriate program. For Gigabyte boards, the program is called Efiflash, and there's probably an equivalent for boards from other companies. You also need to download the latest update for your BIOS from an official website. So put FreeDOS on a USB stick or CD-ROM drive alongside the flasher program and a BIOS image (and put those two in the same folder).

Then you need to find a way to boot into it. What you can try is to disconnect all your HDDs / SSDs and boot with just the stick / CD connected. In fact, if you have some other media which you're 100% sure your PC should be able to boot from, you can try it with that media first. If it doesn't work with that, there's no use in trying it with FreeDOS.

Option C: USB programmer

But if the above options are both unavailable, you'll have to resort to flashing with a USB programmer. This is more difficult, but I can guide you.

Please let me know if either option A or B is available. If so, I recommend that you don't actually do it, but that you instead make backups first and wipe the disk with Windows on it. Then you flash your BIOS. If both those options aren't available, it may be worth your while to try the BIOS update again like before, but this time perhaps only after wiping your disk. Alternatively, I can explain how to do it with a programmer.

[–][deleted] 2 insightful - 1 fun - (0 children)

Thanks!

> a rootkit, I suppose

I know I didn't download a root-kit — or any other kind of virus — so there's definitely so'm sinister going on with Windows. I'm unsure if Windows is programmed to revert the update, or if it does it by accident, or if someone got into the CIA back-door — but it's one of these.

Assuming I do have a root-kit, it's quite abnormal, because I haven't seen any pop-ups or advertisements, my computer doesn't use a lot of CPU power, there aren't any suspicious network connections, and none of my accounts have been compromised. The purpose seems to be restricted to locking me out of the BIOS — or additionally: surveillance.

> It's curious that it fails to boot multiple GNU/Linux distros, even after a BIOS update.

When I tried to boot Linux Lite: it pulled up a grub terminal (which I don't know how to use), but QubesOS just gave me a blank screen. Not sure if that information's useful or not.

> I will say that if this is a rootkit, it's a really advanced one.

Yeah, it would have to be kernel-level.

> Option A: backup BIOS

I'll try to do that. Apparently some HP computers have, like, a key combination you can press to reset the BIOS.

[–][deleted] 2 insightful - 1 fun - (0 children)

I reset the BIOS and it let me back into the BIOS menu, but it still won't boot Linux; I still get dumped into a grub terminal with no idea what to do.

Edit: that got reverted too. Option A does not work.

[–][deleted] 2 insightful - 1 fun - (2 children)

Option A just gets reverted, and the other two options are too technical for me, so I guess I'm out of luck.

[–]LarrySwinger2 2 insightful - 1 fun - (1 child)

It's not that difficult if you go through it step by step. But anyway, you're 100% sure you can boot from those same GNU/Linux images on other computers? If you get into a grub terminal, that's an indication you booted from it. Some images are like that. I recommend that you try it with Trisquel or GNU/Linux Mint.

[–][deleted] 1 insightful - 1 fun - (0 children)

Yeah, it ain't hard, it's just kind of scary, because if I mess so'm up: I can fry my computer.

I have an old Mint ISO, so I might try it later. So far I've tried Linux Lite and QubesOS, and neither worked right. I know the Linux Lite and Mint ISOs work, because I've installed them onto computers before. I bet they're both out of date, though.

[–]brbmodule 2 insightful - 1 fun - (0 children)

ur doin smthing wrong then. it usually takes just a couple of minutes to re-write le bios. goes that process wahoony shaped -> dead pc. the fact that it still boots is due to some helping from unknown thirdparties who prevents u from doing shit.

[–]asterias 2 insightful - 1 fun - (1 child)

The suggestion from u/Dinosaurysus about the CMOS battery needing replacement sounds valid. Especially if you have the computer for a few years, and the erratic behaviour might be a sign of a dead battery. It pays little to try to replace it before resorting to more drastic measures. Just pay attention to buy the correct battery.

> But I find it really weird that if I leave Windows on too long it reverts, but if I restart immediately: I can do whatever I want — except boot Linux, apparently, that won't work no matter what I do.

The first question: That's because the battery has some charge to hold the changes for a few minutes but not for longer? For the second question: I see you tried with two distributions, the first isn't exactly a major one, and the second one has certain requirements that must be met in order to run and it's not a livecd unless you tried an earlier version.

Replacing the battery is easy, but if you have been attacked by a rootkit that's vastly more difficult to address. Somewhat irrelevant to these two, if you want to experiment with linux you can try with something more suitable for general use from an established source.

[–][deleted] 1 insightful - 1 fun - (0 children)

Yeah, I'm going to try replacing it before I do anything else.