I’ll leave it as an exercise to the reader to prove that there is no way for malware to futz with the ‘safe copy’ of the BIOS that could overwrite the other. (Hint: as if)
depends how it is implemented
if the button is an actual hardware reset that forces a reload from ROM that seems like it would work
if it is just a software call then the malware would just reset your settings and lie to you, and if it is not an actual ROM it would just write itself in the backup...