Packard Bell / NEC Recovery / Tattoo

I was recently given a job lot of computers and was asked to remove the personal data that belonged to the previous owners. I assured the person I got the computers from that this would be done via DBAN on any drive that was still functional.

However, for the OEM/retail machines and their OEM activations, I wanted to preserve the original Windows XP Home installations, so I thought that creating a set of recovery media from within the current OS on the hard drive would be the best way forward before I DBAN the current data into oblivion.

One of the machines was a Packard Bell iMedia 1308 from around 2004/2005. I booted it up and got a number of BSODs, and after putting a new CMOS battery in and setting some valid BIOS settings, I was eventually successful in getting access to the machine via Safe Mode.

Unfortunately, the built-in administrator and the local user accounts had passwords on them, so after a quick reset using NTPassWd, I gained entry to the machine as an administrator without Safe Mode.

Here is where things looked interesting on this Packard Bell computer. The C drive was a very small, nameless FAT32 partition which looked like it contained just the recovery data. The main operating system drive was D, and this was only a few GB in size. The remainder of the drive was an E drive which had the Documents and Settings folders as well as the Program Files folder. I've not seen this setup before unless it was on purpose, and I certainly wouldn't think that Packard Bell set it up like this from the factory.

After navigating through the installed software, I found the ability to do a full factory reset, which required a restart of the PC. I couldn't see the ability to create a recovery disc set. I assumed I could do a factory restore, then take an image of the "clean" installation on the hard drive as a VHDX image, DBAN the drive and then restore the VHDX back to the drive, preserving the factory installation only and leaving the rest of the drive's unused space blank.

Well this restore option was selected, the hard drive whirred for a little while then proceeded with the reboot of the computer. Upon restarting, it gave an NTLDR error.

Booting into a Puppy Linux Live USB and using GParted, I could see that the original C drive was the boot partition and that partition was now empty. I'm guessing the C partition used to be a hidden restore partition and the restore software borked it before the reboot. I changed the D drive to be the boot partition with GParted and the PC restarted normally again. However, the Packard Bell system restore software was now not giving me the option to restore to the factory image.

Bugger!

Archive.org to the rescue! Someone had kindly uploaded a 2003/2004 Packard Bell iMedia Recovery Master CD Set. I downloaded it, burned it to CDs and inserted CD 1 into my PC.

This is when I needed to learn about how Packard Bell package their PCs and what they do to the DMI in the BIOS and the hard drive.

Here are some links for reading:

Passion Packard Bell - Tatouage - Procédures sous Windows XP - TATTOO.BIN et EXTHS.BIN (passion-pb.fr)

Tattoo restoration on Packard Bell HDD \ VOGONS

Packard Bell Recovery Problem - Cable Forum

Here is my process for fixing it.


On booting from CD 1, I was greeted with a message "This computer has no valid information". Extensive Google searches show this is either caused by the motherboard being swapped or the hard drive having a tattoo in the boot sector of the hard drive. Back in the day, if the machine was being fixed under warranty for example, the technicians would have to tattoo the new hardware to be able to restore the original PB factory image.

Thankfully, this process is somewhat documented.

At the "This computer has no valid information" prompt, press any key and you will be returned to the command prompt. Type these commands:

  1. Q:
  2. cd drivers
  3. tattoo /inithspretest
  4. exths /initexths
  5. cd..
  6. reloadhs

This should have tattooed hidden sectors with the information the restore software is looking for. You can give the machine a restart.

I found that I needed to also run the "tattoo /CREATEDMIFROMHS" command before it would let me restore the factory image.
