Paper Tape
customer424242
Posts: 3
Registered: ‎01-09-2012
Location: Canada
0

Why no BIOS?

I have a Lenovo G550 and know that my BIOS is infected. I require the original BIOS that came with the laptop (I know the risks about flashing my BIOS). I haven't been able to find anything OEM other than updates, and had a talk with a representative that ended up telling me that my only option was to send the laptop in to be flashed for me - not feasible in my current situation.

 

Any help would be greatly appreciated.

goretsky
Posts: 2,059
Topics: 19
Kudos: 370
Solutions: 144
Registered: ‎12-01-2007
Location: California, USA
0

Re: Why no BIOS?

[ Edited ]

Hello,

 

I am not familiar with the Lenovo G550 series, but I am guessing that if a BIOS update is not available then it is because one has not been released.

 

As for the infection, can you tell us more about it, such as what your anti-malware software detected it as?  Perhaps someone can recommend some steps to help you remove it or get some additional assistance in diagnosing the problem.

 

Regards,

 

Aryeh Goretsky

 



I am a volunteer and neither a Lenovo nor a Microsoft employee. • Dexter is a good dog • Dexter je dobrý pes
S230u (3347-4HU)X220 (4286-CTO)W510 (4318-CTO)W530 (2441-4R3)X100e (3508-CTO)X120e (0596-CTO)T61p (6459-CTO)T43p (2678-H7U)T42 (2378-R4U)T23 (2648-LU7)
Bugbatter
Posts: 803
Registered: ‎05-01-2010
Location: USA
0

Re: Why no BIOS?

As goretsky requested, please tell us more.

Following that, if you or goretsky feels that you need additional assistance, I suggest posting in the Malware Removal Forum at SpywareHammer and have the staff trained in malware removal walk you through the cleanup. Help is free, but you will need to register there. Posting instructions are at the top of the forum. Please include "[Attn: K27]" in the title of your topic.

 



Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer

Paper Tape
customer424242
Posts: 3
Registered: ‎01-09-2012
Location: Canada
0

Re: Why no BIOS?

[ Edited ]

goretsky wrote:

Hello,

 

I am not familiar with the Lenovo G550 series, but I am guessing that if a BIOS update is not available then it is because one has not been released.

 

As for the infection, can you tell us more about it, such as what your anti-malware software detected it as?  Perhaps someone can recommend some steps to help you remove it or get some additional assistance in diagnosing the problem.

 

Regards,

 

Aryeh Goretsky

 


Well, I know I'm infected because after formatting (I use Ubuntu), I scanned through my kernel logs and found that there were some packets being sent from ring0 to a foreign IP. There happened to be an HTTP server running at the IP and simply sent "lol". I really just want to flash my BIOS, do a zero-fill and be done with it, but... I guess that's not possible.

 

As for Lenovo making no effort to release my particular BIOS... (and throwing Lenovo products at me... out of the box [some popup application running on intervals])... I don't see myself buying a Lenovo again... but I digress.

 

Are there any suitable tools/resources that I could use to "repair" my BIOS?

Paper Tape
customer424242
Posts: 3
Registered: ‎01-09-2012
Location: Canada
0

Re: Why no BIOS?


Bugbatter wrote:

As goretsky requested, please tell us more.

Following that, if you or goretsky feels that you need additional assistance, I suggest posting in the Malware Removal Forum at SpywareHammer and have the staff trained in malware removal walk you through the cleanup. Help is free, but you will need to register there. Posting instructions are at the top of the forum. Please include "[Attn: K27]" in the title of your topic.

 



Yes, thank you, I will do that.

goretsky
Posts: 2,059
Topics: 19
Kudos: 370
Solutions: 144
Registered: ‎12-01-2007
Location: California, USA

Re: Why no BIOS?

[ Edited ]

Hello,

 

I'll let the Ubuntu rootkit experts handle this from here, but a few things I am personally curious about:

 

  1. Was the notebook ever infected with malware prior to installing Ubuntu?
  2. Was the hard disk drive wiped (zero-filled) before Ubuntu was installed?
  3. Did you check the reputation/known activities of the host/IP address the computer was connecting to? In other words, was it known to be a malicious site (part of a botnet C&C infrastructure, drop zone for stolen information, and so forth)?
  4. Did you try running the pcap/logs/other data you collected through DShield or Snort to see if there were any correlations to known attack patterns or payloads?
  5. Have you tried booting the computer from an antivirus vendor's LiveCD to see if that found anything in the boot record or the file system?

It might be useful to dump the BIOS and have that ready to provide to the person who will be assisting you. If your notebook has a BIOS by Phoenix, then Phoenix's Winflash utility would be what you use; for Award BIOSes, the appropriate Awdflash utility, and so forth.

 

Please come back after you have resolved the issue to let us know how things worked out.

 

Regards,

 

Aryeh Goretsky

 



Broadband 3G
JDay
Posts: 999
Registered: ‎01-06-2011
Location: Sacramento, CA
0

Re: Why no BIOS?


customer424242 wrote:

goretsky wrote:

Hello,

 

I am not familiar with the Lenovo G550 series, but I am guessing that if a BIOS update is not available then it is because one has not been released.

 

As for the infection, can you tell us more about it, such as what your anti-malware software detected it as?  Perhaps someone can recommend some steps to help you remove it or get some additional assistance in diagnosing the problem.

 

Regards,

 

Aryeh Goretsky

 


Well, I know I'm infected because after formatting (I use Ubuntu), I scanned through my kernel logs and found that there were some packets being sent from ring0 to a foreign IP. There happened to be an HTTP server running at the IP and simply sent "lol". I really just want to flash my BIOS, do a zero-fill and be done with it, but... I guess that's not possible.



None of which indicates an infected BIOS. How do you know that your source media is not infected with a rootkit? It happens.