Discussion in 'General Returnil discussions' started by Pliskin, May 21, 2009.
Can Returnil protect us against new viruses which rewrite motherbord chip hardware and BIOS ?
Hello Pliskin and welcome to the forums
No, There is currently no software solution that will protect you against physical hardware attacks. There are hardware solutions for this however in the form of Instant recovery cards that can protect things like the BIOS and CMOS.
Hardware owns software but hardware is dependent on software.
Aren't these viruses software, too? I'm just curious. Returnil is great btw, a big thank you to developers!
Yes they are software and it depends on the delivery method. If you are in Windows and this type of attack is launched via a software attack, there is protection against the actions of the malicious program. If the attacker has physical access to your computer however, all bets are off via a software approach.
Is this similar to what you were talking about ColdMoon? if not do you have a link?
There are a number of cards on the market with different capabilities. This thread might be a good place to start:
I bought a PCI Restore Card that has almost all functions mentioned in this forum other thread. It costed me around US$20. It function very well. But it has many virus. NOD32 prompts out every time and again for several main files of the bundled software. The only thing I can do is add the whole tree (something like system32 folder) to the exception list of NOD32. MY GOD!!!!
How can I know if it has changed my BIOS, Moon, and all brothers? Thanks a lot.
This is better addressed in another forum as it is not Returnil related. My first suggestion would be to contact Eset support for assistance with NOD32 detections and exclusions.
Pls advise what forum can I visit as the above link seem too old that I cannot post thread there.
The same forum that the older thread is in would be appropriate...
So does returnil protect against software borne bios attacks? Or were you talking about other solutions?
Separate names with a comma.