Possible bios virus

Rosco

Rosco

Well-Known Member
Reaction score
342
Location
USA
Have a client that uses yahoo mail. They pay to host it like gmail. No idea that was a thing. Anyway, she opened an email that said your email and computer had been compromised and that even changing your password wont help. She though it was a scam. She did a virus scan she said. Nothing was found. She shut down her laptop and went to bed. Yesterday morning she turned it on and had a bios password. The computer is 2 or 3 years old. Never had a bios password. She lives alone with her severely handicapped brother. I have removed the cmos battery ram and hard drive, and battery overnight. Still has the bios password. Any ideas would be great. its a toshiba satellite l875d-s7332
 
Resetting the BIOS is quite easy on Toshiba laptops. There's usually a couple of contacts located under the memory slot underneath the sticker that has the motherboard model # on it. Simply short those contacts and it should reset the BIOS. You may have to turn the computer on WHILE shorting those contacts in order for it to work.
 
sapphirescales said:
Resetting the BIOS is quite easy on Toshiba laptops. There's usually a couple of contacts located under the memory slot underneath the sticker that has the motherboard model # on it. Simply short those contacts and it should reset the BIOS. You may have to turn the computer on WHILE shorting those contacts in order for it to work.
Click to expand...

any idea to which jumper it might be
 

Attachments

  • 20190108_131243_1546971438467.jpg
    20190108_131243_1546971438467.jpg
    875.9 KB · Views: 48
I don't have any ideas on fixing your current issue but... I do not think you got the full story about how the BIOS password was set.

"Someone" had to go into BIOS and set it. The email that was mentioned could not have caused any damage to the computer.
Because of Faststart, It could have been done days or weeks ago and the computer had not actually shutdown or restarted in all that time.

Just food for thought.
 
Porthos said:
I don't have any ideas on fixing your current issue but... I do not think you got the full story about how the BIOS password was set.

"Someone" had to go into BIOS and set it. The email that was mentioned could not have caused any damage to the computer.
Because of Faststart, It could have been done days or weeks ago and the computer had not actually shutdown or restarted in all that time.

Just food for thought.
Click to expand...
i have thought of this. I would find it highly unlike she is lying about it. She has had me fix for embarrassing than forgetting a password and been honest about being the one to mess it up. Not saying it isnt possible
 
Larry Sabo said:
Yeah, it didn't work for me on one, IIRC. Don't remember the specifics or how to find that case in Quickbooks (since it doesn't allow compound searches). However, have you tried the suggestions a Google search suggests?
Click to expand...

i have looked at almost ll the page in the google search you suggested even before writing here.

frase said:
Have you removed the RAM when shorting the jumpers? Try this, restart again without ram. Then insert RAM
Click to expand...

Will try this later
 
talked to Toshiba and they siad based on the serial number it was purchused in Great Britain. i dont even know how that is possible. It has an american keyboard and possible supply. They said it needs to be serviced to be reset. I am starting to believe them. No matter what i short password is still there.
 
Theres no bios virus that sets a password, No one is going to make something that specific and that advance these days.

Edit: last virus to my knowledge that wrote to bios was back in the late 90's

Edit2: seems im mistaken about the late 90's i see some mentions of one in 2011-2012 but i didnt experience it
 
ComputerRepairTech said:
Theres no bios virus that sets a password, No one is going to make something that specific and that advance these days.
Click to expand...
On top of that, The scammer would have to give you a way to pay them to "unlock" it. Malware is all about making money. The email she recived was "toothless" and is just looking to see how many would fall for it and send the bitcoin and has nothing to do with the current situation period.
 
Toshiba has been famous for being difficult on something like this. Unless there is a challenge code I doubt that any method, short of a chip level exploit, will work.
 
  • Like
Reactions: NJW
on some of the very very old ones i had a parallel port key i could plug in that would remove the bios pw. i've heard rumors of usb pw key removers for toshiba satellites. i do know you can if you absolutely have to, unsolder the pw security chip, plug it into a chip socket, plug that into a chip password dumper and hook it to another pc, and read the pw, sometimes it's encrypted, but it's a lot of trouble and incurs a high degree of liability. my thoughts? the entire situation is highly improbable regarding the story you've received, but not impossible. I had one that randomly did this out of the blue to itself, unless of course you think someone broke into my house, changed the bios pw and powered it off without stealing anything or leaving any evidence.
 
You must log in or register to reply here.

Similar threads

thecomputerguy
Client locked out of MSN account in an interesting way.
Replies
7
Views
194
thecomputerguy
thecomputerguy
thecomputerguy
Client can't login to Google account using their own email.
Replies
8
Views
183
timeshifter
timeshifter
thecomputerguy
What are my options to prevent token theft?
Replies
5
Views
352
Sky-Knight
Sky-Knight
thecomputerguy
Family friends son died unexpectedly and is out of options right?
Replies
15
Views
602
fincoder
fincoder
YeOldeStonecat
Lenovos new ThinkPad X9 series
Replies
4
Views
210
twwabw
twwabw
Back
Top