Hi, I've opened a extra thread to gather informations. Everyone who is interested, please reply to here. Please tell what model and what bios version is currently running. It seems that the bios is flashed exactly 1:1 on a machine with Vista preinstalled, while at a machine without license the first A66h bytes are modified. The bios cannot be decompressed with any tool. The biosupdate is for all the same (with or without license) reginakampher has made a good suggestion to try..... There are two ways to update the bios. HPQFlash and ROMPaq utility. The research is still at the beginning.........
530 and its immediate headaches Well I'll post though I don't know much about this forum or the HP530 except that I tried to upgrade the bios to allow the full capability pf my Prescott CPU. All I got was a black screen. Now I'm investigating whether or not I may have been protected by one of the fail safe CMoOS jumper protections intel apparently builds into some of these chipsets (Ithink that's right). Anyone know how to proceed? I can't even find a diagram for the MB anywhere. Headdoc
@matrixbk I have to repeat: I / we cannot modify this kind of bios yet! To all who want to get progress with this: Install AcpiScope load information from bios, save and upload the *.ATS file. Also tell the modell and the bios version....... Install Hwdirect as well, we will need it later. This gives a excelent overview of all ACPI tables. Anyway, somebody should try to update the bios from HP /Compaq website, by using the ROMPaq utility......I don't think it'll work, but we have to exclude that easy thing..... So please try it first! Again: The biosupdate is the SAME. Vista licensed machine or not!!! BUT what's the difference????? Does it check the SLIC or a DMI entry? Or some bytes at the bios itself? So we need to flash the bios in that way that it'll be a licensed one! 1:1 should do the job.... OK?
Hi, When I bought my HP530 it had BIOS F.05. Installed Vista Ultimate x86, HP Cert and HP Ultimate Serial number. No activation, only Paradox working. Flashed BIOS to F.06 using HP ROMPAQ. No dice, only Paradox working. It seems that HP flashing software knows what to flash in BIOS depending on the prior BIOS SLIC. I finally gave up and bought a legal version of Vista Home Premium. Solracna
I'm sorry! Because of my English's not very well! It's really hard for me! I'm trying and this's .ast file! Please help me! Very very thank you! yeah, some info about this BIOS: Code: Model : HP 6520s BIOS Version: 68mdu Ver.F.07
Your report is useful, thanks. But the instructions to try out are a bit complex anyway. First you should try reginakamphers idea to fool the flash program. Therefore you have to write a complete HP SLIC to the shown address 3F7C8238h. After that you have to correct the OEM and OEMTABLEID at RSDT table (arround address 3F7C8178h) to HPQOEMSLIC-MPC and the checksum byte at offset 9 to 5B......all with Hwdirect. After that try to update the bios, reboot and see if SLIC is fully present..... Is it too complex? I can imagine it is complex because of the English language.......a easy solution is not possible Better is to wait for somebody else who want to try out her idea............
Yes, I'm curious about how to fool the flash program, or to figure out what checks it does. Nothing more. The license and copyright issue is another matter.......everyone has to decide on his own.....
This is acpi table from my HP6720s,maybe can help too.My bios version is F09,the latest one.I upgraded form F05 to F07 first,than to F09 and nothing happened,it's the same.I really want try reginakampfer solution but i'm not so familiar with hex editor and i don't want to mess up something.There's also info from everest about bios.I think best thing is to compare our tables with some with Vista preinstalled,to try find what is difference since it's same bios update for all models.
Almost same story. SLIC is at address 3F7C8244h. Filled with zero bytes. RSDT is at exactly the same address 3F7C8178h. OEM and OEMTABLEID of it is wrong. Checksum byte at offset 9 to be corrected to 96h. Yes we need more peoples with a preinstalled Vista. Only one replied so far. But you can see what's different at bios already. A preinstalled flash's bios has got FF bytes at offset 0 to a66 (those at which the code starts at 20000h at 10000h), a free OS flashed, NOT. Maybe there is a string to be verified? The memdump of a licensed machine is EXACLY the same byte sequence as the biosfile itself. So we have a exact 1:1 flash at a licensed machine. At a OS free machine bytes have been changed OR are left untouched and were changed already at factory!!!! So the second idea to fool the flash tool is: With Hwdirect goto memdump address FFF0000 size let's say 1000 (a66 minimum) and dump. This is the different area of the shadowed bios. Overwrite all with FF bytes to make it like the licensed one. Now update the bios, reboot.... This sounds to be too good to be true......but somebody should try the ideas to get a progress. A third idea I have in my mind is: Is there a special command to flash (hidden) which allows rompaq to update the bios to a licensed anyway? (Full bios write?) If not possible, would uniflash do the job? But this are all ideas so far to be checked..............
This is the config.sys to be used by upgrading with rompaq: buffers = 20 files = 15 shell = rompaq.exe /! I still don't know what rompaq.exe /! command is for. Maybe we can edit additional switches to get a licensed version onto the chip. Or just try without the switch? There are /R to restore, /X to downgrade, /F to force, /B to backup. Any more? I think trying out my idea to write the FF bytes will bring the same risk as a usual upgrade (flash) of the bios, no higher risk. Playing around with config.sys as well since you are trying to update a ORIGINAL biosfile, no self made modification at the biosfile itself...................... I would try by myself, but unfortunately no one of my friends have got such a Notebook.
The others with explanations : usage: Rompaq [/D] [/U] [/B] [/R] [/X] [/C | /!] [/P xx.bin] /D = Dock (operation applies to docking station).. /U = Update System BIOS with new version.. /B = Backup BIOS (save to disk). /R = Restore BIOS (program with backup image). /X = reset CMOS/ECMOS to factory defaults. /F = force docking station recovery. /C = do not allow exit to DOS (power cycle). /! = do not allow exit to DOS (power off). /P xx.bin = admin password is read from encrypted file xx.bin
Thanks a lot. Could somebody please backup his current bios, using rompaq /B and upload it. This is interesting to compare with the original from the website. (To see if there is the same difference). I have to know if the first area 0-a66 is left untouched. Additionally I need the dump if possible. Install and open hwdirect, go to memory dump. Enter fff00000 without "h" and size 100000 without "h", press dump. Right click into window, select all, right click again, copy. Paste as new file into winhex. (Open winhex and press Shift + insert key) Make sure ASCII-hex is selected. Save file and upload, please! To get Hwdirect to run under 64 bit, press F8 at startup and disable driver enforcement. This will last for one session only and allows Hwdirect to run. We need results to go on further.........I'm wondering why andrey_sebastian has already given up......if you give up that fast, you never will succeed. Maybe way to success is already written!?
i can't believe noone else give us info from preinstalled OS.Yen i think you are on the right path,it's for sure there's something inside bios what recognises free OS and preinstalled OS since the update from website is the same.I'm interested for your idea about writing correct slic into dump before flashing,but please provide me with more details because i'm not so good with hex editing.If you put detailed table and steps i would like to try,i don't think there's any risk.