flash from a dos prompt and use the included awdflash file. type awdflash and the full bios file name at the prompt. let it finish.
full bios file name is that 54we thingy EDIT everytime i click the AWDflash file it comes up for a second i see some colur in my dos window then it goes straght back off any ideas??
I couldn't resist to POST lol.....but it is true I'll be absent later this day...... How to detect a loader example: OK, it doesn't watch the P.O.S.T. but the boot process. A memory resistent task is started (like an update task just the same if M$ needs to reboot and install files that are in use). It watches the 'acpi-mapping process' at reboot. It figures where the SLIC is loacted (physical memory address). This range will be monitored (or the entire acpiTable system from RSDP to all tables.). When you press reboot, WAT could delete the SLIC from its address range. Then wat calls 'reboot' and starts a timer. -Time1: It notes the time when the bios is searching a hard disk, (the time when it looks for a master boot record at cylinder 0, head 0, sector 1 , the first sector on the disk.) -Time2: It notes the time when the SLIC will be written again to its original place.(or any new place by following the RSDP) Then it compares the times: If time1 < time2 then you have got a loader--->non genuine...
Simplest to read that part of MBR is vista7 slic ldr where loader info under slic info tells that. Or one can use PAYMYRENT ldr for that.
The approach I have written doesn't look for a loader itself to be somewhere (MBR), it detects the weakness of all loaders. (the order of the boot chain) M$ wouldn't have to update a signature for WAT to find every new loader. This approach will kill them all....I'm no programmer, but I guess this approach is realisable.
I have softmoded win7 and pass OK all, WAT ( kb971033), genuinechek.exe ( online), and MGADiag.exe with WAt in it, stil activated and run ok
All bootloader is based on hacked bootsect (ntldr replaced with grldr) to write on particular location of bootsector of Harddisk which chain loads things. If that location is perfected for detection, most loaders are detectable.
Yes I know, I was in the developer team of WoW7 loader. A hacked bootsect.exe that writes a hacked bootsector alone isn't a fact for using a loader. This trick is used by many people to use grub.....M$ cannot disable grub..or mark a grub user as non genuine..!!! They have to be careful. Hence my approach is tha killer....
Once again, this is not possible. There is no user-level or kernel-mode "memory resident" process that will survive a reboot. The way Microsoft handles update tasks and other things after a reboot is by putting the relevant commands into an area that is executed after the kernel and drivers have been loaded. Think of it as a Startup folder but one that the operating itself can access. For this very reason your process is not possible. There is no way to detect the time that SLIC table(s) have been loaded by a live Windows system. The easiest way to detect a loader would be an attempt to find grldr but GRUB is used in legit dual-boot machines and in no way positively identifies a softmoded machine.
well help me please yen or someone i click the awdflash file and it comes on for a few seconds then goes straight off what am i doing wrong??
Keep this thread on topic mate. How to flash a BIOS tutorials are all over the net...have a friend install Google for you. Read well and don't take the procedure so lightly; you can easily brick your machine if done wrong.
Use awdflash from Dos boot using some bootdisk and run awdflash /? to know what command you requires.
You really need to go to the section "bios mods" and do alot of reading. You do not sound like you have a good deal of knowledge about modding and flashing a bios. You should really stop now and learn before you end up bricking your MB.
you can use win 98, me bootable floppy or make own bootable USB drive using free dos or others. Google it to know more. CUATION : BIOS mod is thing you must know what are you doing. It may happen that you could loose your mobo. @ naseap has rightly said that you should read well bios mod section before you try anything.
Yup not for the feint-hearted - check out the biosMod threads first - create a bootable USB drive with cracked HP tool - put the modded bios + flash utility on it with a batch file to execute the flash command and args. boot from USB , exec the batch file - Good luck mate. Easy once you know how
OK....then a new one: WAT figures where the SLIC is loacted (physical memory address). This range will be monitored (or the entire acpiTable system from RSDP to all tables.). Then WAT itself is running the boot process again (is searching the MBR and runs the boot process) but only to have a look if a SLIC will be written...in a virtual mode or debug mode.) Possible?I think so.
No, not possible. WAT could possibly check the location of the tables and write it to a location that will survive a reboot. However, WAT itself cannot run the boot process. WAT can only run after the Windows kernel is ready for it. At that point, the softmod loader has already run and reinserted the table to the correct location. Therefore if WAT compares it to the previously stored location then it won't find any difference. Yen, here's the problem with all of the scenarios you're coming up with: they all assume that Windows and WAT somehow know what a computer looks like right after P.O.S.T. but before a softmod loader has run. This is not possible without making some drastic changes to the basic structure of how modern x86- and x64-based systems manage P.O.S.T. and the eventual hand-off to the operating system for booting. I'm sure EFI and TPM equipped computer systems with some sort of watchdog process could do it but this is exceedingly rare in the consumer computer world and Windows is not designed for this sort of locking down. In fact, if you want to see how this is done then you can look at the XBOX360 reverse engineering forums because Microsoft specifically designed it to withstand these sorts of attacks. Regular computer system being bought by the general public do not have this sort of hardening at all. Anyway, WAT is nothing more than a simple virus scanner-like service with system file checker like capabilities. I highly doubt we have anything to worry about.