Hi, I've opened a extra thread to gather informations. Everyone who is interested, please reply to here. Please tell what model and what bios version is currently running. It seems that the bios is flashed exactly 1:1 on a machine with Vista preinstalled, while at a machine without license the first A66h bytes are modified. The bios cannot be decompressed with any tool. The biosupdate is for all the same (with or without license) reginakampher has made a good suggestion to try..... There are two ways to update the bios. HPQFlash and ROMPaq utility. The research is still at the beginning.........
530 and its immediate headaches Well I'll post though I don't know much about this forum or the HP530 except that I tried to upgrade the bios to allow the full capability pf my Prescott CPU. All I got was a black screen. Now I'm investigating whether or not I may have been protected by one of the fail safe CMoOS jumper protections intel apparently builds into some of these chipsets (Ithink that's right). Anyone know how to proceed? I can't even find a diagram for the MB anywhere. Headdoc
@matrixbk I have to repeat: I / we cannot modify this kind of bios yet! To all who want to get progress with this: Install AcpiScope load information from bios, save and upload the *.ATS file. Also tell the modell and the bios version....... Install Hwdirect as well, we will need it later. This gives a excelent overview of all ACPI tables. Anyway, somebody should try to update the bios from HP /Compaq website, by using the ROMPaq utility......I don't think it'll work, but we have to exclude that easy thing..... So please try it first! Again: The biosupdate is the SAME. Vista licensed machine or not!!! BUT what's the difference????? Does it check the SLIC or a DMI entry? Or some bytes at the bios itself? So we need to flash the bios in that way that it'll be a licensed one! 1:1 should do the job.... OK?
Hi, When I bought my HP530 it had BIOS F.05. Installed Vista Ultimate x86, HP Cert and HP Ultimate Serial number. No activation, only Paradox working. Flashed BIOS to F.06 using HP ROMPAQ. No dice, only Paradox working. It seems that HP flashing software knows what to flash in BIOS depending on the prior BIOS SLIC. I finally gave up and bought a legal version of Vista Home Premium. Solracna
I'm sorry! Because of my English's not very well! It's really hard for me! I'm trying and this's .ast file! Please help me! Very very thank you! yeah, some info about this BIOS: Code: Model : HP 6520s BIOS Version: 68mdu Ver.F.07
Your report is useful, thanks. But the instructions to try out are a bit complex anyway. First you should try reginakamphers idea to fool the flash program. Therefore you have to write a complete HP SLIC to the shown address 3F7C8238h. After that you have to correct the OEM and OEMTABLEID at RSDT table (arround address 3F7C8178h) to HPQOEMSLIC-MPC and the checksum byte at offset 9 to 5B......all with Hwdirect. After that try to update the bios, reboot and see if SLIC is fully present..... Is it too complex? I can imagine it is complex because of the English language.......a easy solution is not possible Better is to wait for somebody else who want to try out her idea............
Yes, I'm curious about how to fool the flash program, or to figure out what checks it does. Nothing more. The license and copyright issue is another matter.......everyone has to decide on his own.....
This is acpi table from my HP6720s,maybe can help too.My bios version is F09,the latest one.I upgraded form F05 to F07 first,than to F09 and nothing happened,it's the same.I really want try reginakampfer solution but i'm not so familiar with hex editor and i don't want to mess up something.There's also info from everest about bios.I think best thing is to compare our tables with some with Vista preinstalled,to try find what is difference since it's same bios update for all models.
Almost same story. SLIC is at address 3F7C8244h. Filled with zero bytes. RSDT is at exactly the same address 3F7C8178h. OEM and OEMTABLEID of it is wrong. Checksum byte at offset 9 to be corrected to 96h. Yes we need more peoples with a preinstalled Vista. Only one replied so far. But you can see what's different at bios already. A preinstalled flash's bios has got FF bytes at offset 0 to a66 (those at which the code starts at 20000h at 10000h), a free OS flashed, NOT. Maybe there is a string to be verified? The memdump of a licensed machine is EXACLY the same byte sequence as the biosfile itself. So we have a exact 1:1 flash at a licensed machine. At a OS free machine bytes have been changed OR are left untouched and were changed already at factory!!!! So the second idea to fool the flash tool is: With Hwdirect goto memdump address FFF0000 size let's say 1000 (a66 minimum) and dump. This is the different area of the shadowed bios. Overwrite all with FF bytes to make it like the licensed one. Now update the bios, reboot.... This sounds to be too good to be true......but somebody should try the ideas to get a progress. A third idea I have in my mind is: Is there a special command to flash (hidden) which allows rompaq to update the bios to a licensed anyway? (Full bios write?) If not possible, would uniflash do the job? But this are all ideas so far to be checked..............
This is the config.sys to be used by upgrading with rompaq: buffers = 20 files = 15 shell = rompaq.exe /! I still don't know what rompaq.exe /! command is for. Maybe we can edit additional switches to get a licensed version onto the chip. Or just try without the switch? There are /R to restore, /X to downgrade, /F to force, /B to backup. Any more? I think trying out my idea to write the FF bytes will bring the same risk as a usual upgrade (flash) of the bios, no higher risk. Playing around with config.sys as well since you are trying to update a ORIGINAL biosfile, no self made modification at the biosfile itself...................... I would try by myself, but unfortunately no one of my friends have got such a Notebook.
The others with explanations : usage: Rompaq [/D] [/U] [/B] [/R] [/X] [/C | /!] [/P xx.bin] /D = Dock (operation applies to docking station).. /U = Update System BIOS with new version.. /B = Backup BIOS (save to disk). /R = Restore BIOS (program with backup image). /X = reset CMOS/ECMOS to factory defaults. /F = force docking station recovery. /C = do not allow exit to DOS (power cycle). /! = do not allow exit to DOS (power off). /P xx.bin = admin password is read from encrypted file xx.bin
Thanks a lot. Could somebody please backup his current bios, using rompaq /B and upload it. This is interesting to compare with the original from the website. (To see if there is the same difference). I have to know if the first area 0-a66 is left untouched. Additionally I need the dump if possible. Install and open hwdirect, go to memory dump. Enter fff00000 without "h" and size 100000 without "h", press dump. Right click into window, select all, right click again, copy. Paste as new file into winhex. (Open winhex and press Shift + insert key) Make sure ASCII-hex is selected. Save file and upload, please! To get Hwdirect to run under 64 bit, press F8 at startup and disable driver enforcement. This will last for one session only and allows Hwdirect to run. We need results to go on further.........I'm wondering why andrey_sebastian has already given up......if you give up that fast, you never will succeed. Maybe way to success is already written!?
i can't believe noone else give us info from preinstalled OS.Yen i think you are on the right path,it's for sure there's something inside bios what recognises free OS and preinstalled OS since the update from website is the same.I'm interested for your idea about writing correct slic into dump before flashing,but please provide me with more details because i'm not so good with hex editing.If you put detailed table and steps i would like to try,i don't think there's any risk.
@mirza Please upload the Hwdirect dump as described here to verify the second method: http://forums.mydigitallife.net/threads/2148 HP530 is different. This bios code starts at offset 10000h already, while yours starts at 20000h OK here are the instructions, referring to your hp6720s.ats 1. Reginakampher's idea: Install Hwdirect, double-click memory dump, enter as physical address 3F7C8244 and size 176, press dump. To get Hwdirect to run under 64 bit, press F8 at startup and disable driver enforcement. This will last for ONE session only and allows Hwdirect to install / run. If you need more sessions you have to press F8 at startup again and to do the same...... Now the time-consuming part: Code: Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 53 4C 49 43 76 01 00 00 01 7A 48 50 51 4F 45 4D SLICv....zHPQOEM 00000010 53 4C 49 43 2D 4D 50 43 01 00 00 00 48 50 51 20 SLIC-MPC....HPQ 00000020 01 00 00 00 00 00 00 00 9C 00 00 00 06 02 00 00 ........œ....... 00000030 00 24 00 00 52 53 41 31 00 04 00 00 01 00 01 00 .$..RSA1........ 00000040 5B AB 60 56 BC 58 1E E8 C1 D2 A1 5C E5 4F BB FD [«`V¼X.èÁÒ¡\åO»ý 00000050 1D A9 8C 94 B4 AE 08 11 DC 13 59 D3 7F F6 3E 87 .©Œ”´®..Ü.YÓö>‡ 00000060 31 B9 95 74 10 DA 3B A4 5B B5 19 82 7C 39 D7 0D 1¹•t.Ú;¤[µ.‚|9×. 00000070 7C 22 AC 1C 2A 84 E9 0A 88 6D FA B1 E2 D8 E8 21 |"¬.*„é.ˆmú±âØè! 00000080 96 E1 2E 68 9A BF 44 45 3E 3C 8E 99 90 DE 37 38 –á.hš¿DE><Ž™Þ78 00000090 57 0B 92 15 BC DE FF F2 07 7E B5 40 8C 51 3A C3 W.’.¼Þÿò.~µ@ŒQ:à 000000A0 02 48 F6 13 12 72 FB 42 78 E6 47 88 54 C7 B0 F0 .Hö..rûBxæGˆTǰð 000000B0 93 9E FB 04 B7 B8 B8 90 DE DB ED 32 E1 FB 54 A6 “žû.·¸¸ÞÛí2áûT¦ 000000C0 01 00 00 00 B6 00 00 00 00 00 02 00 48 50 51 4F ....¶.......HPQO 000000D0 45 4D 53 4C 49 43 2D 4D 50 43 57 49 4E 44 4F 57 EMSLIC-MPCWINDOW 000000E0 53 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 S .............. 000000F0 00 00 00 00 00 00 30 A8 7E 10 1B 0F 13 DD 2E 2D ......0¨~....Ý.- 00000100 36 C2 AB 54 A7 8C 3A A0 2F C6 5B B3 B3 DD 93 EE 6«T§Œ: /Æ[³³Ý“î 00000110 8E 39 A9 92 D0 5A 20 E1 2D F5 A2 1C 7A 3E 54 85 Ž9©’ÐZ á-õ¢.z>T… 00000120 99 72 56 5F EC 6B 07 17 63 82 3E 79 02 50 40 C9 ™rV_ìk..c‚>y.P@É 00000130 F1 D3 C5 58 39 A8 18 F1 56 91 EA 9C 54 1A E0 CE ñÓÅX9¨.ñV‘êœT.àÎ 00000140 C9 16 F0 5D D1 90 B1 B0 9E 81 E6 BA 62 F1 3B 96 É.ð]ѱ°žæºbñ;– 00000150 B0 7D D7 47 10 78 03 C9 28 52 E7 2D 4A F7 70 BB °}×G.x.É(Rç-J÷p» 00000160 53 1F BE CD 4F 77 D1 2F A8 3D 5C 26 AF 80 42 25 S.¾ÍOwÑ/¨=\&¯€B% 00000170 EF 7A B2 67 BA 1C ïz²gº. This is a full HP SLIC. You can see the header is already there at dump, but nothing more. Now complete and CORRECT the SLIC by typing byte to byte carefully and manually. Unfortunately there is no copy and write function available. The new bytes are indicated in red colour. After you have completed the full SLIC press the write button to write the full SLIC. Verify ALL bytes before you write them. All 176h must be the same as above (be careful not to get typo) Part two: Enter as physical address 3F7C8178 and as size 18 and press dump to dump the header of the RSDT. It looks like this: Code: Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 52 53 44 54 50 00 00 00 01 21 48 50 20 20 20 20 RSDTP....!HP 00000010 33 30 44 38 20 20 20 20 30D8 Now correct it to: Code: Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 52 53 44 54 50 00 00 00 01 96 48 50 51 4F 45 4D RSDTP....–HPQOEM 00000010 53 4C 49 43 2D 4D 50 43 SLIC-MPC Write the changes again. Now update your bios, without a reboot before. Don't worry about the offsets they are of course different. After you have updated your bios, reboot. Have a look with Acpiscope and see if the SLIC is now fully present. Second idea: (to apply after a fresh boot) Instructions are based on HP6520s results since I've got no dump of your current bios. At memory dump enter as physical address FFF10000, size 10000, press dump. Now write FF bytes all over. Make sure that the whole area is full with FF bytes. After that press write button and try to update the bios. If HP is clever enough they don't have included a check at all and both tricks won't work! How does it work anyway? The bios flash tools provided by them to the public don't touch (update) the low area (it depends on the start of bioscode) They have got another flash tool to be used one time by themselves. So they can decide whether it should be a free OS or a licensed one. In that case we will need another flashtool or another way to update the entire bios code or to use a EEPROM program device. Feel free to ask. Yes, IMO the risk is the same as you will have if you update your bios from HP, because it is not modified at all.