• ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
We have new content about Hotkey issue, Click here to check it out!
Locked

‎09-05-2021 03:35 AM

HP Recommended
Product: HP Probook 430 G1
Operating System: Microsoft Windows 10 (64-bit)

Hello.

Computer has been compromised (files & typestreams find themselves elsewhere).

Appears malware is not in the (full-disk bitlocker protected) Windows/Drivers/Apps/Data partition - Believe can say this as booted from a Linux Live-CD, the bitlocker partition was not visible yet the malware remained active.

Conclude malware is stored in either a) the System Reserved partition or b) the firmware.

(No AV product has identified anything suspecious although they do not appear to make specific reference to the System Reserved partition)

Have already re-flashed the BIOS and re-intalled the Intel Management Engine (IME) driver (appears not to include firmware).

 

Wish to re-flash the IME firmware (ideally, all other firmware in computer as well).

Cannot find any firmware in the HP site other than BIOS.

Kindly assist with a) determining the precise (non-ROM only, given issue) firmware/microcode/etc areas in specific computer and b) finding the code from HP/a reliable source.

Latest BIOS (L73_0149) (re)installed, windows 10x64 up to date, drivers up to date, though these should not make any difference.

Apologies for long text, trying to be precise,

Thank you v much,

Category:
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.

Didn't find what you were looking for? Ask the community

† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.