Hello, First of all I would like to thank anyone actually taking the time to read this. I realize it is long, but I have so many questions and I am having a difficult time grasping some fundamentals. You are much appreciated. I currently have a couple hundred laptops with the following specs: Manufacturer: LENOVO Model: T410 TYPE: 2537-22U Bios Version: 1.25 (6IET65WW) Bios Type: Lenovo (? see below) SLIC: LENOVOTP-6I-LPT (2.1) Download location: Would not let me post a link(?) Says I need to have a post count of 20 or greater under my belt to do that. Simply google search lenovo t410 bios download. For the sake of discussion all references to "Image" = Symantec Ghost capture Files Currently we use sysprep and ghost to distribute windows 7 images to multiple hardware platforms (I don't even think you can buy these laptops without windows 7 licenses, so trust me we are all legal). This includes the laptops referenced above, as well as a couple other Lenovo models. We DO want computrace installed on certain laptops, we do not want it installed on others. The problem lies in the distribution of said images. Anytime an image is created or edited using a PC that has had computrace installed, it will replicate itself on any other machine that image is pushed to. If anyone is reading this, you are probably aware of the irritation and personal pain this causes me. My goal here is to see if I can effectively disable computrace by editing the ROM in the BIOS. This is an excercise of will and stubborness and pure curiosity, and will probably never go into production. There is a lot of information out here but I seem to be going around in circles. I was hoping someone could clear up some things for me that unfortunately I have not been able to get a clear grasp of so far. I have attempted to read many guides and tutorials, but many start with "assuming you have an ASUS motherboard, gather these tools, etc". In other words, I feel I need to make sure my high level understanding is accurate before I feel it would be appropriate to attempt an actual lower level execution. Here is What I think I think I understand (please correct me if I am wrong): -There are a few main types of system board manufacturers and each type will require different tools and techniques for modifying a BIOS. As I understand it the three major manufacturers are Insyde, AMI, or Phoenix. Question: What is my system board manufacturer? WinAudit lists "unknown". System Information simply says "Lenovo" Does Lenovo manufacture their own system boards? And if so, which tools am I to use then? I have found evidence that people have done some bios modifications on Lenovo's with the Pheonix tools, but I can't determine if this just means that their model contains a Pheonix system board, or if Pheonix tools will work with the system board I have? -"Bios's" come in a variety of file extensions. Some companies will let you download the actual BIOS in a .BIN fomat. Other's (like Lenovo) only have the installer in an .EXE or .ISO format. If this is the case I have to use a decompiler to try and extract the source. In this case I have used UniExtract. Question: Is there a resource I have missed explaining all of the Bios file extensions. There's bin, wph, rom, hsh, fl1, etc. All very confusing and some seemingly also specific to the manufacturer or utilities used? -Once I have extracted the installer, I will have a variety of files including ROM's. ROMS are modules that provide specific functionality to the BIOS. So therefore I need to find the ROM I wish to alter, in this case the one that computrace uses. I have run into a problem here. I searched through every single ROM with a HEX editor for the ASCII text "computrace" with no resulting strings returned. However, I then ran a python script I found from Corelabs running a live version of Ubuntu. It sucessfully finds a ROM with computrace, names it computrace.rom and saves it for you. When I open this rom with a hex editor, I can in fact search for and find "computrace" Question: Why would the "fresh" bios from the installer not have the computrace ROM, but a computer running computrace does? What are the implications of this? Does this mean I can not do what I want because the ROM is somehow initialized and created after the BIOS is updated or installed? Or have I simply goofed somewhere above and not properly extracted the BIOs files? Is opening each rom with a hex editor and searching for a text string the best way to accomplish this? I have many more questions as far as the rest of the process, but I feel I need to get these fundamental questions answered before I should go any further. Thanks again very much for your time. poonking
I found some things out. -After running Pheonix mod tool and looking in the temp folder I do in fact see a ROM with the text string "computrace" -A few other utilities also returned an "unknown" bios type. -dmidecode shows "Lenovo" bios type. -Without a bios editor specifically for my bios i can't figure out how i would modify a hex file to accomplish my goal. For my own sanity I am going to say that I believe this is some sort of proprietary BIOS made by Lenovo and I am therefore SOL. Thanks again, Poonking