Which loader is using?

Discussion in 'Windows 7' started by Annita, Jan 6, 2010.

  1. Annita

    Annita MDL Junior Member

    Feb 25, 2008
    62
    1
    0
    I just received a Laptop (not a new one) from a friend and I would like to know if it’s using a Loader method to activate Windows 7.
    How can I know if it’s using one and which one?

    Thank you!
     
  2. xcom

    xcom MDL Junior Member

    Aug 6, 2009
    66
    4
    0
    Er.....ask your friend??!
     
  3. Annita

    Annita MDL Junior Member

    Feb 25, 2008
    62
    1
    0
    Hehehe :D. Tried that but he didn't install and don't know who installed/activated...
     
  4. Binary

    Binary MDL Novice

    Jan 6, 2010
    5
    0
    0
    ok, here's how to do it: Open the root of the drive, and then goto folder options>view>tick show hidden files and folders, and untick hide system folder(or smth like that)
    then on the root, find files like "GRLDR" if its grldr, then its the old hazarloader or old chinaloader or the old 7Loader
    if its like "KHSAz" or something not understandable, its the new DazLoader or Windows 7 Loader eXtreme edition(not sure)
    if it "w7ldr", i think thats the new ULoader or Open 7 Activator
     
  5. omdhar

    omdhar MDL Junior Member

    Aug 1, 2009
    94
    40
    0
    if its like "KHSAz", it could be vista7 slic ldr too.
     
  6. Annita

    Annita MDL Junior Member

    Feb 25, 2008
    62
    1
    0
    I've just attetched the files I can see on the root of the hard drive after unticking hide system protected files...

    Do you know which loader is using?

    Thnx.
     

    Attached Files:

    • W7.PNG
      W7.PNG
      File size:
      5 KB
      Views:
      73
  7. secr9tos

    secr9tos MDL Addicted

    Jul 28, 2009
    999
    133
    30
    Nobody can tell u what loader u are using exactly but in the end there are only two loaders: vstaldr and zsmin's ldr.
     
  8. Hazar

    Hazar MDL Guru

    Jul 29, 2009
    2,523
    452
    90
    Daz's loader is installed.
     
  9. Annita

    Annita MDL Junior Member

    Feb 25, 2008
    62
    1
    0
    Thanks. How do you know it? The is no files like "GRLDR" if its grldr, or like "KHSAz" or something not understandable.

    Thanx.
     
  10. Alphawaves

    Alphawaves Super Moderator/Developer
    Staff Member

    Aug 11, 2008
    5,873
    20,136
    180
    #10 Alphawaves, Jan 8, 2010
    Last edited: Jan 8, 2010
    Daz loader has a random file name 'grldr - randomly named and resized' along with a file named 'winx.ld'
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. sijooss

    sijooss MDL Novice

    Aug 6, 2009
    2
    0
    0
    anitha u use windows toolkit by orbit in that there is an option activation report in that u can get all d details abt the activation it is available in torentz ok
     
  12. Matrix Leader

    Matrix Leader MDL Addicted

    Dec 8, 2009
    857
    175
    30
    why don't you just format and install 7 again? who knows what me be dug in that installation of yours currently......
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. Annita

    Annita MDL Junior Member

    Feb 25, 2008
    62
    1
    0
    Thnx. It's all I wanted to know, but I also will try the Windows Toolkit by Orbit just to get the activation report.


    I'll try it. Thanx.


    I don't need to format, Win7 is working fine, I just wanted the info for me. I use Modded BIOS with SLIC 2.1 to activate Win7 and just wanted to know for my info and learning.
     
  14. HotCarl

    HotCarl MDL Addicted

    Jul 21, 2009
    833
    16
    30
    #14 HotCarl, Jan 8, 2010
    Last edited by a moderator: Apr 20, 2017
    Actually, if there is a lower-case letter in the grub loader name then it is not from vista7 slic ldr... Due to limitations in the hacked bootsect.exe file that PAYMYRENT hex edited (that omdhar is using), the random names in vista7 slic ldr are limited to only upper case characters, and only 5 letters long...therefore it is impossible that vista7 slic ldr created a file named "KHSAz"...and is why I decided not to go with the "random" loader names like omdhar has... I should know, I helped PAYMYRENT write the random loader name code that omdhar is using in his program ;) :p

    If I release something with random loader names, then I want the loader names to really be randomized (with random lengths and with uppercase and lowercase letters and numbers)... :)
    Daz is totally correct in the sense that these "random" loader names that omdhar is using are not really any safer than using a grub file that has a regular GRLDR name...and are a false sense of security as any programmer could easily write a program to search through the contents of all the files in the root of the system volume for those that contain certain strings. Seeing as how nothing is encrypted or hidden, these so-called random loader names mean nothing as the loader file is still there and can be easily searched through...or anyone could just query the registry for "slicldr" and find the name of the loader file that way (and it would be even easier) :p (Actually, having a randomly named GRLDR file that is not encrypted could be less safe because there is no legit reason for having such a file (at least a person could have a legit reason for having a "GRLDR" file on their HD) but a file named something like "GEHFG" that is chain-loading Windows sounds more suspicious to me...and a quick look into the file will show that it is a loader file... Busted! lol :p)

    Also, omdhar stores the random loader name in "HKEY_LOCAL_MACHINE\SOFTWARE\v7slicldr"...so you can look there and see yourself if vista7slicldr installed the loader file...but I can tell you right now that if the file was called "KHSAz" then it didnt. BTW, why in the world would you name the key that holds the name of the loader file you are trying to hide from the OS after the name of your app?? That only makes it easier to find your "random" name...lol :p ...just search the registry for "slicldr"... :p


    See:
    Code:
            Dim data As Byte() = New Byte(9  - 1) {}
            VBMath.Randomize
            Dim random As New Random
            Dim charCode As Integer = 0
            charCode = random.Next(Strings.Asc("a".ToUpper), (Strings.Asc("z".ToUpper) + 1))
            right = (right & Conversions.ToString(Strings.Chr(charCode)))
            data.SetValue(CByte(charCode), 0)
            data.SetValue(CByte(0), 1)
            charCode = random.Next(Strings.Asc("a".ToUpper), (Strings.Asc("z".ToUpper) + 1))
            right = (right & Conversions.ToString(Strings.Chr(charCode)))
            data.SetValue(CByte(charCode), 2)
            data.SetValue(CByte(0), 3)
            charCode = random.Next(Strings.Asc("a".ToUpper), (Strings.Asc("z".ToUpper) + 1))
            right = (right & Conversions.ToString(Strings.Chr(charCode)))
            data.SetValue(CByte(charCode), 4)
            data.SetValue(CByte(0), 5)
            charCode = random.Next(Strings.Asc("a".ToUpper), (Strings.Asc("z".ToUpper) + 1))
            right = (right & Conversions.ToString(Strings.Chr(charCode)))
            data.SetValue(CByte(charCode), 6)
            data.SetValue(CByte(0), 7)
            charCode = random.Next(Strings.Asc("a".ToUpper), (Strings.Asc("z".ToUpper) + 1))
            right = (right & Conversions.ToString(Strings.Chr(charCode)))
            data.SetValue(CByte(charCode), 8)
    
    The code above is PAYMYRENT's code that I modified to make it create a random grldr name on the fly while creating the bootsect.exe file...taken right out of the latest version of vista7slicldr from omdhar... The code above is a very sloppy way to do what he is doing (creating a grldr file with a "random" name), and I only made it as a proof of concept with PAYMYRENT's original code... I tried to use that code above and could not get it to work on every system I tried it on (showing how unstable the code is (or the hex edited bootsect.exe file is)) so I scrapped it for O7A rather than add in something that will surely cause problems and give people a false sense of security...
    (Having a loader file with a "random" loader name but is not encrypted, like omdhar does, could actually make it much easier for MS to determine which file the loader file is (if one exists) because you are guaranteed that the loader file you are looking for is in the root of the system volume, is 5 characters long, and all uppercase. Then search the contents of this file for certain strings, if the file does not contain these strings then search the next file on the system volume for strings...how many files could there possibly be on your system volume that are 5 *upper case* characters long? My bet is 1...the loader file. lol. So as you can plainly see, making a random loader file in this way red flags the file as a loader file...) (BTW, when I said "strings" (like when I said "Then search the contents of this file for certain strings...") I referred to words such as "SLIC"...as the loader file is not encrypted, the random loader name is meaningless as you can just search through the file for plain text...)

    BTW, I dont know why the heck it says "New Byte(9 - 1)" instead of "New Byte(8)"...In PAYMYRENT's and my version it said "New Byte(8)", so I can only assume he did that to make it look a little different...otherwise it makes no sence why that is there :p lol
     
  15. thedonofdeath

    thedonofdeath MDL Member

    Oct 6, 2009
    107
    1
    10
    #15 thedonofdeath, Jan 8, 2010
    Last edited: Jan 8, 2010
    well i can't tell you what loader you are using but i can tell you that you could always just download and use removewat (hazar) and then you won't have to worry about loaders anymore
     
  16. HotCarl

    HotCarl MDL Addicted

    Jul 21, 2009
    833
    16
    30
    Actually, RemoveWAT is by Hazar, not Daz... :p
     
  17. thedonofdeath

    thedonofdeath MDL Member

    Oct 6, 2009
    107
    1
    10
    yeah i just realized that.. durr im stupid sorry
     
  18. HotCarl

    HotCarl MDL Addicted

    Jul 21, 2009
    833
    16
    30
    lol...there is no reason to put yourself down. It is just a simple mistake. I just corrected you so others would not get confused... ;) :p
     
  19. Annita

    Annita MDL Junior Member

    Feb 25, 2008
    62
    1
    0
    Trying the Windows Toolkit 1.8 by Orbit I just screwed up the loader and the system, and I'm going to format the computer and install everything from the beginning...

    Thanx for he info, I really appreciate your time and help.
     
  20. jkhsdjflseii

    jkhsdjflseii MDL Novice

    Sep 24, 2009
    12
    0
    0
    eXtreme edition