How can I correct a Lenovo biometrics corruption?

Posted on 2007-07-24
Last Modified: 2008-01-09
We have an IBM Lenovo and somehow the biometrix security has become corrupted.  We get a 'hal.dll is missing' error. I have run a diagnostic on the hard drive--I can see the directory structure but none of the files. Disk commander shows the files, including the entire Windows directory, but they are all appearing to have been deleted and need to be undeleted.  I have been working on just the bare drive, but believing that the problem is a security issue and have asked the person to bring me the laptop.

Does anyone know how to correct this situation.  Is it a biometric corruption? Is there an easy way of attacking this?
Question by:PCLANTECHS
    LVL 14

    Expert Comment

    I don't see how this can be a biometrics problem unless the biometrics program's response to a failed user identification (i.e., incorrect fingerprint match) is to clobber the OS on the hard drive.

    'hal.dll is missing' is a startup message telling you that the boot loader cannot find the Hardware Abstraction Layer Dynamic Link Library (HAL.DLL), which is stored in the Windows directory that appears to have been cleaned out.  Either someone got a particularly nasty virus, tired a Windows reinstall that failed partway through or tried to 'fix' something by going in via the back door.

    I would recommend putting the laptop back together and restoring it from the vendor's disks - the set of disks that (might have) come with the machine and can be used to reinitialize the computer to the state it was when it was first purchased.  If you don't have restoration disks, contact the vendor with the unit's model and serial number and see if you can get them.

    If there is user data on the drive and you can see it with Disk Commander, you might be able to back it up prior to reinstalling Windows - it will be gone after a bare-metal reinstall.

    LVL 1

    Author Comment

    The drive has a lot of orphaned files also--as seen with Winternal's Disk Commander.  I just need to recover the My Documents folder. I tried to connect a USB external HDD to copy to, but that failed.
    An IBM encryption issue is what I am thinking.

    We just received the original notebook: Lenovo T60p.  When I boot up and press the ThinkVantage button, it prompts for a password.  I enter the only one the guy has used and it doesn't work.

    Any advice?
    LVL 63

    Accepted Solution

    Not good.

    I would use whatever means posible to try and recover files.

    If had drive encryption was used,  you probably will not be very successful.

    try       data recovery, partition recovery partition repair

    I hope this helps !

    LVL 14

    Expert Comment


    I just spent some time on the Levono website looking at the Think Vantage setup and some of the administrators documentation.  It appears that Think Vantage is a multi-component system involving hardware protection (against drops - it locks the drive using a g-sensor) and encryption of data (it uses a proprietary processor on the system board to encrypt the drive).

    There are some methods for recovery of data in the case of a processor board being replaced, but that's not your case - as I understand it you have a lost password, yes?  Provided you aren't dealing with a fingerprint reader (without the right fingerprint around to activate the protection unlock), a lost password AND encrypted files look like a no-go data recovery situation.

    You probably already looked at the Levono site, but here's a link to the FAQ:

    I see that they have a link to live chat with service reps - that's the only recourse I can think of at the present time.

    Sorry to be so negative here - perhaps I'm not understanding the situation.  

    If the user did not use the built-in encryption feature but only the Windows file encryption, recovering his/her Windows (not ThinkVantage) password MIGHT get you out of the woods.  What you need to do is access the files with the exact user ID string that is associated with that Windows login - it is a random number string generated when a user is created and, if the user has a password, is only recoverable by entering that password - NOT by clearing the password.  If a Windows user password is cleared, any encrypted data stored by that user is forever inaccessible (well, there is a recovery process that is supposed to work with a password backup disk (which hardly anyone ever bothers to generate) but, in four or five attempts, I have never gotten it to work - maybe I'm just dumb or unlucky but.....).

    Otherwise, I believe the ThinkVantage system uses another level of passwords (and possibly biometrics) to further encrypt data.  It might be possible to reset this password WITHOUT making the data unreadable, but I would refer you to Levono for that one.

    LVL 44

    Expert Comment

    As USUAL for this kind of situation, you MUST remove the drive from the laptop and run it as slave on a desktop system to see if the NTFS file system is truly corrupted.  You might also have to take ownership --

    Once you have done that, you can see if the file system is still in tact.  if so, copy off the files.

    If not, use a NON_DESTRUCTIVE file reconstruction utility like GETDATABACK --
    DO NOT do any checkdisk or scandisk, it will GUARANTEE you will trash the drive contents immediately.
    LVL 1

    Author Comment

    To save others time in the future.
    I did used a data recovery utility.  I was again able to see the data files.  I was then able to 'recover' them to the primary O/S drive (data files were originally on slave drive).  All the files types were correct -- .pdf's were recognized as PDF's, etc. However, when I attemtped to open the files, they were all corrupted--aside from a very few text files.

    I called IBM on our clients behalf and they want nothing to do with data recovery.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Scale it in WD Gold

    With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

    Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
    Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now