I have Dell Optiplex 7040MT ready in my side this is why I sent you Bios for it.
Regarding Dell 3046/5040, I will make a backup once I receive it.
Thank you
Salim
I see, thanks for explaining. What CPU’s will you use on the Dell? Or what exact CPUID’s do you need as part of the mod process?
Dell Optiplex 7040MT can only use 6th Gen CPU.
I want to update it to use 6th and 7th Gen.
I can use Tray or Box CPU.
I think we can use the same like HP AIO model.
Thank you
Salim
What CPU’s though, or what CPUID’s, there is too many CPU’s to say make entire 7th generation compatible, pick some you will use and give me CPUID’s
506E3
906E9
Please run MEinfowin on the Dell and show full image of output, thanks! This BIOS has bootguard/ACM, we need to see if it’s active, microcode is inside cyan region so if bootguard is active any BIOS mod may brick no matter what.
Hi
This Dell 7040MT have a Jumper and when we short it ME region is set to Disable.
Does this mean anything for you or can help us.
Here is MEInfoWin file you asked for,
Please Note that I used MEInfoWin with ME Enable and I didnt SHORT Jumper.
I can make a BIOS BACKUP if you want me to do it again for you.
Thank you
Here is a file which i want to share it with you.
I think it is good for you
https://www.blackhat.com/docs/us-17/wedn…Are-Failing.pdf
Goodluck
Thanks for the meinfo, checking into that now. I don’t need another backup, ME was enabled and that’s what I needed. Thanks for PDF too, will check it out
*Edit - checked on this, bootguard is not setup correctly, thus not enabled, so it’s a go on editing BIOS for this system!
Once the other Dell’s arrive, run meinfowin on them too, and when you send their dumps package up their MEinfowin images in the zips so I can check those too.
*Edit 2 - @simoutekd - Please test on Dell, ME change only right now, then next step microcodes + ME
https://www.sendspace.com/file/8h24z1
Any progress on HP’s diagnosing? Have you tested with secondary BIOS removed?
Did you look on board and see if you can find third flash block that possibly contains the HP Trust thing? If you think you find, dump the chip and we’ll see if we can verify/identify contents
Hello
Dell Optiplex 700MT system still in Manufacturing Mode Programming State. I can commite it to Normal State just by adding TAG number then I can DUMP BIOS Again.
Regarding HP All-in-One still didnt try it but i will do that on Saturday. First I need to know how to Block SureStart from HP BIOS then move with that.
I learned from PDF file that when in Surestart manual activated and after system power on, document said that i need to push Power ON Twice in less than 2 SEC to display details on screen. I will do that.
Thank you
Salim
You can leave in manufacturing mode probably, and still test BIOS, then put back when done testing, or finalize once we’re done.
There is no block surestart from BIOS, only remove surestart function. That is why I wanted two thing I mentioned, test without secondary BIOS, does recovery happen still, and then find other flash rom chip which contains surestart coding/data etc.
It’s on a flash rom somewhere, we probably need to remove this and secondary BIOS for system to be how you want in the end.
Found another PDF - http://www8.hp.com/h20195/v2/GetPDF.aspx/4AA7-2197ENW.pdf
Firmware resides in a non-volatile memory on the circuit board and can’t be removed simply by erasing the hard drive. *Wink * Wink *Hint *Hint - they didn’t say you can’t simply remove the NVRAM (Flash-rom)
Also, see this, maybe you can download this and see what options are given this way too -
Manageability—Administrators can manage HP Sure Start capabilities with the Manageability Integration Kit (MIK) plugin for Microsoft® System Center Confguration Manager (SCCM)
https://www8.hp.com/us/en/ads/clientmanagement/overview.html
And, in the F10 BIOS menu, options for sure start, did you check to see if “BIOS Data Recovery Policy” can be set to disabled, or only auto/manual?
This makes it sounds like disable is possible maybe "Enhanced HP Firmware Runtime Intrusion Prevention and Detection - The RTID feature can be optionally be set to disable by the platform owner/administrator"
Maybe that only covers part of the BIOS code?
Get me some good clean images of one of these boards, in full, so I can pick and point chips for you to try and dump.
Hello
Today I updated my Dell Bios with your File and everything worked correctly for me.
My Computer started normally and here is a copy of MeInfoWin File.
Check it please.
Regarding HP I will check it and let you know the news.
Thank you
Salim
ME Only Dell 7040MT.txt (5.35 KB)
@simoutekd - Good all went smooth so far, thanks for update! Here is new Dell BIOS with ME + Microcode added for other CPU (and FIT table expanded and corrected), but don’t test other CPU yet, no vBIOS edit
https://www.sendspace.com/file/glxgtv
Hi
I tried to use you NEW file with CPU MC changed but I am sorry it is not working.
I am getting this error:
Power Light: Amber Blinking
2,3 : 2 blinks followed by a short pause, 3 blinks, long pause, then repeats
Bad Motherboard, Memory or Processor
If you can assist to troubleshoot, narrow down the issue by reseating memory and swapping a known good memory if available.
If nothing works, replace the motherboard, memory or processor.
This is the link for Dell Optiplex series Bios errors.
https://www.dell.com/support/article/us/…2012_to_Present
I think the best wqy to deal with this is to change All in 1 time and try first then see what we get.
That mean we change CPU MC; VBIOS; GOP all.
What do you think
Salim
No, changing all at once makes things worse, then we never know the cause of the issue. One edit at a time, that way we know what causes failure when it happens, like now, microcode update/FIT Table!
If I did all mods at once, there would be 4-5 edits and we would not know which caused the failure, now this way we know.
I will try again, but this BIOS was made with only a single microcode, so to add I have to edit and fix the FIT table no matter what, maybe that is wrong but I don’t think so.
I will make new, without update 506E3, leave it same version it is now, and add 906E9+Fix FIT
Then if that fails, yes, maybe only way to test would be all edits at once, with only Kaby CPU microcode and test with that CPU.
But, before doing that all at once test, I would like to try vBIOS/GOP + ME with older CPU, that way we rule out vBIOS/GOP first, before again making final update change to the microcode/FIT
Will edit in new file test soon! You did verify after write correct? Write then verify all in one step?
OK, here, this has original 506E3 microcode + 906E9 & FIT correction (same as before, but with original 506E3 microcode left in place)
https://www.sendspace.com/file/i1r7lr
If that fails, then thee is some issue with the FIT change, but that has to be done, even if leaving only a single microcode I will have to fix location for the new 906E9 only microcode.
I guess we can test/confirm if FIT change breaks with single code but leaving 506E3 only in there, updated so I have to change it’s location (With test first, before next to rule out updated microcode by itself fails), and then second file same single 506E3 microcde + blank entry for second microcode.
Hello
Sorry for late reply. I was absent all the day yestreday.
Today I used your new Bios file for my Dell and I got same problem as last Bios File. SAME ERROR.
Cannot Start at ALL.
When I put back your BIOS with only ME file modified it is working perfectly.
We are missing something I think.
Thank you
Salim
No problem, no hurry here it’s OK 
I’m sorry about this still same problem, seems there is some issue with the FIT table fix, or having a second microcode.
This shouldn’t happen, let me look into this further and I’ll let you know if I can find anything, maybe some pointer gets broken with the file size change and I’m missing it or something.
I’ll let you know, if not we’ll have to move forward like I mentioned and do the microcode last.
In the meantime, please test this BIOS, with only single 506E3 microcode, but updated version, this will confirm for me size change is causing some pointer or something somewhere to break.
OR!!! Maybe I need to use older UEFITool instead for this particular BIOS, sometimes newer version causes issue with some BIOS and old one does not, I’ll make two of these BIOS so we can test that theory right now too.
Will update this post with new BIOS x2 to test.
Pre-post edit! OK, I think I see the issue now, which we may not be able to get around? I’ll have to PM plutomaniac about this later if we find no matter what this is the issue (If 22.4 fails too, then I’ll have to ask him if we can get around). Please test 25.1 first, then if it fails try 22.4
BootGuard is not active on this system, we’ve already confirmed via MEInfo, so I am not sure how this can cause a non-boot, but maybe we’ll test and find only the 25.1 causes it, since it has an additional error that the 22.4 does not.
Both methods post edit have AMI protected range error, but only the 25.1 has the BG hash error too.
This did not happen previously with the ME only because ME is outside of the protected ranges. Hopefully one of these will work, possibly both if the non-boot is due to what I mentioned previously and nothing to do with these errors.
Please test both in order I mentioned so we can rule out or confirm the above, aside from this issue possibly.
Both of these have latest 506E3 microcode only, microcode size is 3KB larger, but no FIT table corrections or microcode overall file size changes made this time.
However, I think maybe the error is simply due to the ACM/BG errors caused in 25.1, we’ll know more after you test both of these. Please check 25.1 first (I expect no boot), then the 22.4 (I hope will be OK), let me know outcome of each test, thanks!
https://www.sendspace.com/file/g9j9u5
HELLO MY FRIEND
I TESTED YOUR NEW BIOS.
FIRST 25.1 BIOS NOT WORKING AND GENERATIONG SAME ERROR AS BEFORE.
BIOS 24.2 SYSTEM IS BOOTING SHOWING DELL LOGO THEN A NEW MESSAGE IS COMMING ON SCREEN AFTER DELL LOGO.
HERE IS THE MESSAGE/
BOOT GUARD VERIFIED FAILED
SYSTEM WILL SHUTDOWN
PRESS ANY KEY
THANK YOU
SALIM
Thanks for testing, and report info! So we need to use 24.2 for now moving forward. I will PM plutomaniac and see if he can advise on this.
Bootguard is not active at the chipset level correct plutomaniac? Measured boot/verified boot not set, how can this be causing bootguard error if edited
Editing image previously, outside of yellow (ME region) edit was OK and bootable. This round was only microcode change, inside yellow and into cyan