Bios Rootkit

[wayout2day]

customer came in with a laptop...HP Pavilion dv6000. 200gb running Vista hm prem...the PC would only boot to an opening screen with the green ribbon and Microsoft Corp under it....never to the desktop.

I pulled the HDD. Using a docking bay, I copied the pictures and documents to another PC.

The HDD interrupted the copying, stopped. I then stopped the copying and finished folder by folder. In Win 7, I used disk mgmt to delete the volume, created a new volume and started the format. The format hung up and stopped at 67%. I did not wipe out the recovery portion of the disk.

I then deleted the recovery partition, and reformatted the entire drive. It took time, but was successful.

I loaded Win 7, using my MSI U-100 netbook. (I removed the 160 GB HDD running WIN 7)

The program loaded fine. I restarted and noted that the windows 7 startup screen did not appear. It was the same Microsoft ribbon screen.

I re-installed the 160 GB HDD into the netbook. It also loaded the ribbon screen.

I used another HDD to load windows 7 onto the HP. I loads into the WN 7 startup screen and then properly into the desktop.

I was reading about bios level rootkits. This would involve flashing the bios on the netbook, and probably the HP, and low-level formatting the 3 hard drives.

Or did the mischief just change the gui boot up ?

ready to flash

michael

 

[Chilly]

Huh? I'm not sure what your asking? Your post seems to be all jumbled up, I don't understand, could you try explaining what your asking again?

Do you think the HP got infected by a BIOS rootkit, which then, having still resided on the original HDD from the HP infect your netbook as well?

IF that is what you are asking, it doesn't hurt to flash the BIOS to the latest versions and nuke the drives, but I honestly doubt you were infected with a BIOS rootkit just by connecting the HP's HDD to your netbook.

I think all your drive swapping just caused some funny business with the gui boot up is all. IMO

 

[wayout2day]

sure...sorry for the mixing, but as you can see, it was a 2 am posting.

1. hp appeared with a gui bootscreen that didn't go into the desktop.
2. formatted the drive and then used it in the netbook

the gui boot screen on the netbook was changed. I wondered if this was a bad thing, because the net book started hanging up after I got to the desktop.

I finished the HP with no further problems and sent it on its way home with the customer.

why would the gui boot change ?

tks.

 

[wayout2day]

I just found a posting....relevant... ?

http://www.sevenforums.com/general-discussion/23886-different-boot-animation.html

 

[Bonksnp]

sure...sorry for the mixing, but as you can see, it was a 2 am posting.

1. hp appeared with a gui bootscreen that didn't go into the desktop.
2. formatted the drive and then used it in the netbook

the gui boot screen on the netbook was changed. I wondered if this was a bad thing, because the net book started hanging up after I got to the desktop.

I finished the HP with no further problems and sent it on its way home with the customer.

why would the gui boot change ?

tks.

Not sure but I would just Flash the BIOS and see if it's still behaving the same. If so you may be dealing with a faulty BIOS chip would be my best guess.

If it's still doing the same after you flash the BIOS (and by flash I mean flash correctly ) I would call the manufacturer.

 

[dahlhana]

your drive is probably dying... I would not trust it at this point unless it gets a clean bill of health from Spinrite.

 

[nessus]

your drive is probably dying... I would not trust it at this point unless it gets a clean bill of health from Spinrite.

+1

The problem follows the hard drive, not the laptop. If the problem was with the laptop BIOS, switching HDs wouldn't work, but from your description it does.