Every day the threat poised by malware grows greater and greater. A recently discovered trojan known as Trojan.Mebromi is able to flash itself to the BIOS of infected computer. So far it can only infect the Award bios system. Malware similar to this have been developed before called CIH, but it was last seen in the 1990’s and only corrupted the BIOS not hide in it.
What happens is that when you turn on your computer the BIOS loads the operating system up, among other things. What Mebromi does is alter the MBR (master boot record) of the system. This allows it to run its commands on start up before the OS. Upon booting the system it infects the system and downloads malicious files. This creates a big challenge for anti-virus developers because even if their scanners find the virus and remove it, they don’t detect it located in the BIOS. So when the user turns their computer on it again, it re-installs itself back onto the system.
So far the only way to remove it from your system is by flashing the BIOS.Flashing the BIOS is a very delicate procedure that could render your system bricked in the worst case scenario so anti-virus developers are hesitant to do anything that could modify the BIOS in any way, preferring to leave it up to the developers of the BIOS.