Solved

How can I correct a Lenovo biometrics corruption?

Posted on 2007-07-24
6
1,253 Views
Last Modified: 2008-01-09
We have an IBM Lenovo and somehow the biometrix security has become corrupted.  We get a 'hal.dll is missing' error. I have run a diagnostic on the hard drive--I can see the directory structure but none of the files. Disk commander shows the files, including the entire Windows directory, but they are all appearing to have been deleted and need to be undeleted.  I have been working on just the bare drive, but believing that the problem is a security issue and have asked the person to bring me the laptop.

Does anyone know how to correct this situation.  Is it a biometric corruption? Is there an easy way of attacking this?
0
Comment
Question by:PCLANTECHS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 14

Expert Comment

by:warrenbuckles
ID: 19556395
I don't see how this can be a biometrics problem unless the biometrics program's response to a failed user identification (i.e., incorrect fingerprint match) is to clobber the OS on the hard drive.

'hal.dll is missing' is a startup message telling you that the boot loader cannot find the Hardware Abstraction Layer Dynamic Link Library (HAL.DLL), which is stored in the Windows directory that appears to have been cleaned out.  Either someone got a particularly nasty virus, tired a Windows reinstall that failed partway through or tried to 'fix' something by going in via the back door.

I would recommend putting the laptop back together and restoring it from the vendor's disks - the set of disks that (might have) come with the machine and can be used to reinitialize the computer to the state it was when it was first purchased.  If you don't have restoration disks, contact the vendor with the unit's model and serial number and see if you can get them.

If there is user data on the drive and you can see it with Disk Commander, you might be able to back it up prior to reinstalling Windows - it will be gone after a bare-metal reinstall.

wb
0
 
LVL 1

Author Comment

by:PCLANTECHS
ID: 19556880
The drive has a lot of orphaned files also--as seen with Winternal's Disk Commander.  I just need to recover the My Documents folder. I tried to connect a USB external HDD to copy to, but that failed.
An IBM encryption issue is what I am thinking.

We just received the original notebook: Lenovo T60p.  When I boot up and press the ThinkVantage button, it prompts for a password.  I enter the only one the guy has used and it doesn't work.

Any advice?
0
 
LVL 63

Accepted Solution

by:
SysExpert earned 500 total points
ID: 19557026
Not good.

I would use whatever means posible to try and recover files.

If had drive encryption was used,  you probably will not be very successful.

try

 http://www.hdrdatasoftware.com/       data recovery, partition recovery partition repair
  http://www.r-tt.com/
  http://www.dtidata.com/
               
  http://www.runtime.org/gdb.htm 

I hope this helps !


0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 14

Expert Comment

by:warrenbuckles
ID: 19557353

I just spent some time on the Levono website looking at the Think Vantage setup and some of the administrators documentation.  It appears that Think Vantage is a multi-component system involving hardware protection (against drops - it locks the drive using a g-sensor) and encryption of data (it uses a proprietary processor on the system board to encrypt the drive).

There are some methods for recovery of data in the case of a processor board being replaced, but that's not your case - as I understand it you have a lost password, yes?  Provided you aren't dealing with a fingerprint reader (without the right fingerprint around to activate the protection unlock), a lost password AND encrypted files look like a no-go data recovery situation.

You probably already looked at the Levono site, but here's a link to the FAQ:

http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-4YRRG6

I see that they have a link to live chat with service reps - that's the only recourse I can think of at the present time.

Sorry to be so negative here - perhaps I'm not understanding the situation.  

If the user did not use the built-in encryption feature but only the Windows file encryption, recovering his/her Windows (not ThinkVantage) password MIGHT get you out of the woods.  What you need to do is access the files with the exact user ID string that is associated with that Windows login - it is a random number string generated when a user is created and, if the user has a password, is only recoverable by entering that password - NOT by clearing the password.  If a Windows user password is cleared, any encrypted data stored by that user is forever inaccessible (well, there is a recovery process that is supposed to work with a password backup disk (which hardly anyone ever bothers to generate) but, in four or five attempts, I have never gotten it to work - maybe I'm just dumb or unlucky but.....).

Otherwise, I believe the ThinkVantage system uses another level of passwords (and possibly biometrics) to further encrypt data.  It might be possible to reset this password WITHOUT making the data unreadable, but I would refer you to Levono for that one.

wb
0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 19561847
As USUAL for this kind of situation, you MUST remove the drive from the laptop and run it as slave on a desktop system to see if the NTFS file system is truly corrupted.  You might also have to take ownership --

http://www.le.ac.uk/cc/dsss/docs/acls2.shtml

Once you have done that, you can see if the file system is still in tact.  if so, copy off the files.

If not, use a NON_DESTRUCTIVE file reconstruction utility like GETDATABACK -- www.runtime.org
DO NOT do any checkdisk or scandisk, it will GUARANTEE you will trash the drive contents immediately.
0
 
LVL 1

Author Comment

by:PCLANTECHS
ID: 19565518
To save others time in the future.
I did used a data recovery utility.  I was again able to see the data files.  I was then able to 'recover' them to the primary O/S drive (data files were originally on slave drive).  All the files types were correct -- .pdf's were recognized as PDF's, etc. However, when I attemtped to open the files, they were all corrupted--aside from a very few text files.

I called IBM on our clients behalf and they want nothing to do with data recovery.

Lesson:  Simply put: BACKUP YOUR DATA & CREATE RECOVERY DISC.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

736 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question