Other Virus -- FIXED -- WINNER

Where does that file come from?

 

aramil supplied it in this post

 

I think you should use the files from the DOS Flash folder of SP57421. Just copy everything to a bootable USB drive substituting the J01_0221.BIN file with your modified BIOS image (I suppose the HP 6200 supports bootable USB drives).

 

Do you think i'll get verification issues?

Edit, exactly the problem, the Dosflash app

 

No, since DOSFlash doesn't use the .sig file and MMTool will have applied a valid checksum to the modified BIOS image.

 

Its something to do with the flashuefi.cpu (possibly)

 

Flashuefi.cpu seems to be an UEFI application. I've no idea if it contains any additional checks. Does it throw a fit?

 

Well first it points out the bios revision numbers are the same, (asks if i want to continue)

Then is mentions flashuefi.cpu version being the same (ask if i want to continue)

Uploads to 100%

then reads

Error! System Rom image is invaild

 

Have you tried AMI's own flash tool : HERE

Maybe instead of removing the C.T. section maybe zeroing it (overwriting it) might let DOSflash flash it.


or you could try this:http://www.bios-mods.com/forum/Thread-Flashing-Our-Modded-HP-Bioses

 

Direction of investigation may have taken a new route away from the Bios/firmware, shall report back soon

 

So the new direction I went in was to use the ATA-secure erase tools built into the firmware of the Hard drive, in hope of removing any HPA partitions that it could be hiding in. Apparently DBAN can miss these.

Anyway, still got the same issue of the white screen. Feeling pretty rough today with a sore throat so not 100% behind it at the moment.

Going to re-install and enable remote access to see if I can actually get anywhere with it after infection.

 

I hope you feel better soon. health before tech

 

So, I installed a spare network card that I knew windows would have drivers for.

Installed Win7, whilst that was installing I download Comodo Internet Security to a flash drive. The instant Win7 was up, I installed Comodo and then gave the machine a physical network connection to allow Comodo to update.

From there the machine had a decent Firewall in place, on the 2nd reboot it stopped rcpnetp from dialling out. All Windows updates installed, and its been up for 4 hours with out headache.

 

Well, that's a solution of sorts.

What about the spare HDD?

BTW, hope you're feeling better.

 

Well done! 10/10 for perserverance. How much is this going to cost the customer?

 

Feel like utter ****. With regards to the spare HDD I was going to test, I doubt it would resolve the problem as many people have tried the same. If the infection did create its own HPA, or if the computrace creates a HPA then I would be stuck with two drives being a pain in the backside.

Zero, well maybe a beer..

 

A well earned beer

Sent on my CM10 JB powered i9100 by TapaTalk 2

 

I'm a bit curious on Comodo Internet Security.. is it reliable?? just want to know..

 

I use Comodo firewall. It's fine, and has got me out of a few annoying problems in the past.

 

Considering it's the only product offered online that has actually stopped this problem, yeah I would considered them reliable.