• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Are you having HotKey issues? Click here for tips and tricks.

‎06-05-2025 12:47 AM

HP Recommended

Hello,

I have an HP EliteBook x360 1030 G3 that appears to be infected with a persistent UEFI rootkit. The BIOS/UEFI firmware seems to have been modified, and standard BIOS reset methods (including CMOS battery removal and BIOS recovery key combos) do not remove the compromise.

Symptoms include:

• Unknown BIOS administrator password

• Modified firmware behavior

• Persistence even after OS reinstallation

• Possible ME (Management Engine) region tampering

I’m looking for advice on the correct process to fully sanitize and restore the firmware, preferably by using hardware tools like a CH341A programmer and SOIC8 test clip. Specifically:

• Which chip on the motherboard contains the UEFI firmware on this model?

• Is it safe to dump, clean, and flash the BIOS using a clip without removing the chip?

• How can I obtain a clean and working BIOS dump for this exact model (HP EliteBook x360 1030 G3)?

• Are there known security protections (e.g., BIOS write protection, Intel Boot Guard, etc.) that might block flashing?

• Any tips on verifying that the ME region and Boot Guard aren't compromised?

If anyone has experience recovering or re-flashing EliteBooks in a secure and reliable way, your input would be greatly appreciated.

Thanks in advance!

Reply
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.