That's it.Although I did'nt translate,you got it. Some RSDT will copy oem id and oem table id from the marker of slic, but acer will not.In acer insyde bios,oem id,oem table id of RSDT,SLIC will copy from another place(search for "ACRPRDCT" or part of "ACRPRDCT").But better to judge before moding.
Woohooooo... Just as Yen predicted... It's a success Yup... kinda puzzled a bit with the translation... I have been investigate myself about the crashing though... before it I just swap the header with another BIOS... and can open the FD without crashing... but while I'm doing that you already came up with another breakthrough finding the oemid... kudos to you oho77
So roughly what are the offsets you would find the SLIC. I understand there are many modules do you cut them out 1 by 1 ?
Thanks again, but we already did it. Oho77 himself started this thread here... to cut open and replace is the best way...
heres a translation..crappy but prolly understandable spent sometime to translate a tutorial to mod an insyde bios, but opening bios that are bigger than 2MB will cause ezh20 to hang, someone reported he ended up opening to bios after 30ish mins, maybe this is possible with lots of ram(8G?) the method below doesnt require this, it can be done with a normal computer.. step one i opened a 1MB bios with ezh20 and noticed the screen below, normally i press "something" to skip it [image] you can see that the fd part is modular, if i take the modules apart, can i open it with ezh20? i had to find the modules so i tried searching for FV00...notice FV00 is 636 kbytes, convert it to 16 bit makes it 636*1024=651264=9F000..considering the data in a bios file is reversed, that makes it "00F00900", since you can see "_FV" by searching for 00F00900, this should be the FV00 module. since the data above is all FF, the 00s should be the start of the module [image] you can see another FV module below all the FFs [image] press ctrl+shift+n to extract it and save it as FV00.fd [image] see if it can opened with ezh20 [image] yes it works ********* in readable english i noticed the fd part of the bios is modular when i opened a 1MB insyde bios so i was wondering if its possible to open the modules by themselves if i seperate them module FV00 should be 636 kbytes which equals 9F000(636*1024=651264) in 16 bit, since data in a bios file is reversed, that makes it "00F00900" you can see "_FV" by searching for 00F00900, this should be the FV00 module. since the data above is all FF, the 00s should be the start of the module
Second Step Since the extracted FV module can be opened with ezh20, things might work out. Using the Acer TravelMate 4730 notebook's 2MB insyde bios as an example, the bios can activate oem vista originally. It can't be opened with ezho20 directly so we should extract, edit/replace, and put the module back in. there are a few modules, we are looking for the one that has the acpi tables(the one that contains RSDT, SLIC,etc inside). The ACPI table is compressed by LZMA inside a small module, it is one of the FV modules we are looking for. In an insyde bios, the module that is compressed by LZMA so it should start with 5D 00 00 80 00 (check my other tutorial). Search for "5D00008000" as 16 bit. [image] After you found the value, there should be a "_FV" around there, that means the start of the FV module can be found easily since the module size is 20h-23h away from the start of the FV module. In this case it's "00 B0 19 00" which means the module is 19B000h big so start selecting from 00 B0 19 00 till 5D 00 00 80 00 and save it as modFV.fd [image]
Third Step Time is edit it for real. Open modFV.fd with ezh20, it should opening correctly. All FV modules should open with no problems I think. [image] Now use winhex to edit the SLIC at the physical address. Open winhex, click tools-open ram-ezh2o-primary memory, press ok when something pops up. Find the pubkey and marker, change them to LENOVO_TC-5M's pubkey and marker [image] the RSDT,XSDT's oem id and oem table here it haven't be processed. Some insyde bios doesnt need processing as RSDT, XSDT will grab the oem id and oem table id automatically from the SLIC. However with this bios, we have to check. Search for "ACRPRDCT" (ACRPRDCT is the oem table id), it actually exists [image] there is "ACRSYS" (oemid), "1025" (creator id) around it as well. this is because insyde bios likes to write the ACRSYS in parts. This means the RSDT,XSDT's oem id, oem table it and creator should be edited here instead of editing them at the SLIC. change it to "TC-5M", "LENOVO", creator can be edited as well but i didnt change it [image] go back to ezh2o, save as modFV2.fd warning: you must redo the step if there are errors when editing physical addresses Open modFV2.fd, the size should still be 19B000h. Replace the contents of modFV2.fd into the original bios and save, done. [image] bios that can be opened with ezh2o can be edited this way too but its complicated this method of modding the bios has been tested by tianshaogang, thank you ********************* i think this should be understandable by a lot more people now and i hope someone can write a tool to help people with the insyde bios if anything doesnt make sense let me know and i can try putting it in a better way i rarely do translations and since i dont have anything with an insyde bios, it might be hard to understand what im trying say
Acer 4935G Hi sirs! Can i have a modded bios for my: Model : Acer Aspire 4935G Bios Rev. : 1.06 Bios : Insyde H20 Ver. 3.5 Btw i've already search the other forums, but 911Medic said the tool has crashed when opening this bios, but as this thread says it can. Thank you! -Bourj