Hello,
I recently buy Chuwi HI13 tablet.
When I compare extracted bios with AFUWINGUIx64 to the original bios I’ve just flash. The CRC is different and WinDiff see a lot of difference into the tow files.
Am I right to think my computer is infected by a Rootkit ?
Is there a way to clean it. Help will be greatly appreciated.
@ferreol :
I doubt, that the BIOS of your tablet is infected.
The BIOS file, which has been delivered by the system/mainboard manufacturer, is not identical with the BIOS Region, which is inside your system’s BIOS chip.
Thank you for your quick answer, but I’m not sure you’ve understood that I first flash my tablet with official bios, then reboot and extract it with AFUWINGUIx64. And compared with the one I’ve just flash.
when you extract the BIOS from the motherboard chip it is different to the actual BIOS file you download to flash the chip. Fernando understood what you said and answered correctly. The "BIOS region" is what you extracted with the tool you used. The BIOS file contains other code along with the information that is flashed to the chip. That is why it has a different CRC SHA checksum compared to the BIOS file you downloaded.
Did this help?
Thank You for your clear answer.
It’s completely contradictory with my knowledge, but I’m not a bios engineer and you must be right.
I still put a screenshot of WinDiff to show the amount of change.
And here a link of a post I’ve created on the official Chuwi forum.