@Rexkh - Stock BIOS package and model name would help a lot here. If we cannot bypass by editing iscflash.dll, or FPT/H2OUVE flash/bypass then you will need flash programmer.
Here is the BIOS file. If somehow we can force flasher to use parameters from platform.ini instead of from fd file, I would be able to remove the password. Please take a look.
ZQS_218.zip (3.04 MB)
Does anyone have an Alienware M17x R4 A15 unlocked BIOS please?
Thanks.
@thewizardoz - I can unlock it for you, (result/proof here)please do the following and tell me what error you get at step #2
You may need flash programmer, not sure. The above guy already had one due to he corrupted his ME FW and needed that fixed before I even mentioned unlocking to him. So, we did not try do get mod BIOS to flash other ways, so weāll have to now.
If you have already modified the BIOS in ANY way, you will need to re-flash it back to factory defaults using factory method (NOT FPT)!!!
If you do not have Intel ME drivers installed, install them now from your system driver download page, then start over here after reboot.
Check your BIOSā main page and see if ME FW version is shown. If not then > DOWNLOAD HWINFO64 HERE <
Once HWINFO is open, look at the large window on the left side, expand motherboard, and find the ME area.
Inside that section is the ME Firmware version. Take note of the version. (ie. write it down or get a screenshot)
Once you have that, go to the thread linked below, and in the section āC.2ā find and download the matching ME System Tools Package for your system.
(ie if ME FW version = 10.x get V10 package, if 9.0-9.1 get V9.1 package, if 9.5 or above get V9.5 package etc)
> DOWNLOAD " ME System Tools " packages HERE <
Once downloaded, inside you will find Flash Programming Tool folder, and then inside that a Windows or Win/Win32 folder (NOT x64).
Highlight that Win/Win32 folder, then hold shift and press right click. Choose āopen command window hereā (Not power shell! >> * See Registry file below *).
If you get an error, reply to this post with a screenshot of it, OR write down the EXACT command entered and the EXACT error given.
((If āopen command window hereā does not appear, look for the āSimple Registry Editā belowā¦))
Now you should be at the command prompt.
You are going to BACKUP the factory un-modified firmware, so type the following command:
Command: " FPTw.exe -bios -d biosreg.bin "
>> Attach the saved "biosreg.bin ", placed into a compressed ZIP/RAR file, to your next post!!! <<
Right after you do that, try to write back the BIOS Region dump and see if you get any error(s).
Command: " FPTw.exe -bios -f biosreg.bin "
^^ This step is important! Donāt forget! ^^
If you get an error, reply to this post with a screenshot of it, OR write down the EXACT command entered and the EXACT error given.
Here is a SIMPLE REGISTRY EDIT that adds āOpen command window here as Administratorā to the right click menu, instead of Power Shell
Double-click downloaded file to install. Reboot after install may be required
> CLICK HERE TO DOWNLOAD CMD PROMPT REGISTRY ENTRY <
If the windows method above does NOT work for youā¦
Then you may have to copy all contents from the Flash Programming Tool \ DOS folder to the root of a Bootable USB disk and do the dump from DOS
( DOS command: " FPT.exe -bios -d biosreg.bin " )
If you do not have Intel ME drivers installed, install them now from your system driver download page, then start over here after reboot.
Check your BIOSā main page and see if ME FW version is shown. If not then > DOWNLOAD HWINFO64 HERE <
Once HWINFO is open, look at the large window on the left side, expand motherboard, and find the ME area.
Inside that section is the ME Firmware version. Take note of the version. (ie. write it down or get a screenshot)
Once you have that, go to the thread linked below, and in the section āC.2ā find and download the matching ME System Tools Package for your system.
(ie if ME FW version = 10.x get V10 package, if 9.0-9.1 get V9.1 package, if 9.5 or above get V9.5 package etc)
> DOWNLOAD " ME System Tools " packages HERE <
Once downloaded, inside you will find Flash Programming Tool folder, and then inside that a Windows or Win/Win32 folder (NOT x64).
Highlight that Win/Win32 folder, then hold shift and press right click. Choose āopen command window hereā (Not power shell! >> * See Registry file below *).
If you get an error, reply to this post with a screenshot of it, OR write down the EXACT command entered and the EXACT error given.
((If āopen command window hereā does not appear, look for the āSimple Registry Editā belowā¦))
Now you should be at the command prompt.
You are going to BACKUP the factory un-modified firmware, so type the following command:
Command: " FPTw.exe -bios -d biosreg.bin "
>> Attach the saved "biosreg.bin ", placed into a compressed ZIP/RAR file, to your next post!!! <<
Right after you do that, try to write back the BIOS Region dump and see if you get any error(s).
Command: " FPTw.exe -bios -f biosreg.bin "
^^ This step is important! Donāt forget! ^^
If you get an error, reply to this post with a screenshot of it, OR write down the EXACT command entered and the EXACT error given.
Here is a SIMPLE REGISTRY EDIT that adds āOpen command window here as Administratorā to the right click menu, instead of Power Shell
Double-click downloaded file to install. Reboot after install may be required
> CLICK HERE TO DOWNLOAD CMD PROMPT REGISTRY ENTRY <
If the windows method above does NOT work for youā¦
Then you may have to copy all contents from the Flash Programming Tool \ DOS folder to the root of a Bootable USB disk and do the dump from DOS
( DOS command: " FPT.exe -bios -d biosreg.bin " )
@Rexkh - Before I download anything, what is the model name of this, so I can keep in proper folder?
Password?? What do you mean about a password? If there is a BIOS password set, you need to ask for help with this at BIOS-mods.com forum, I cannot remove passwords nor tell you what the current password is, but they can help.
Flashing in stock BIOS will not remove password either, possibly if programmed in it might, but then youād also loose your serial and other system specific info if not done correctly (ie edit BIOS first, put info in etc).
If you main issue is BIOS password, then you need to ask for help at BIOS-mods.com forum, or possibly tag DeathBringer in here and he may help.
Well, forget about password. As you may already know that Bios file (ZQS.fd) contains built-in parameters which is the same as platform.ini. No matter what you change in platform.ini, Flasher would take only built-in parameters. My goal is to customize some of those parameters. There are two way to do it. First, force Flasher to take parameters from plaform.ini which is the question of how. Second, modify built-in parameters inside ZQS.fd) by using Hex Editor. For the second method, Flasher checks ZQS.fd. If it sees that ZQS.fd is modified (I think it has checksum), it would say "Invalid bios image" so, to fix it, we have two options, force Flasher to take parameters from platform.ini or create checksum that trick Flasher in thinking that modified ZQS.fd is stock bios file. Do you have any idea?
Acer Aspire E1-431.
@Rexkh - Password has nothing to do with platform.ini - And as for Platform.ini I told you cut BIOS from the fd, rename it to the stock fd name, and then it does not have built in platform.ini and will only use what is in platform.ini you put in folder.
Do you need me to do that for you? ^^ in the stock.fd file >> BIOS starts at 0x13FE0h and ends at 0x413FDFh, cut this to new file, rename to stock.fd, then proceed with your mod platform.ini
Then you only need to edit iscflash.dll to bypass whatever error you get (Show me image). If that also fails, and gives you "invalid Image" then you need to edit iscflash.dll or InsydeFlash.exe to bypass that error
How to check for starting and ending point? All bios file start and end with those address?
I gave you the start and end point, do you need me to cut the file for you? No, that only applied to this BIOS stock fd file.
Please look at the picture.
I get this error. Any workaround?
@Rexkh - you may need to go the FPT route, please do what I mentioned for FPT in post #24 and tell me what error you get at step #2, then do the following below and send me your vars
Please download the following package, and run the command below from each versions folder that directly contains itās exe.
Once done, copy the entire folder somewhere, delete everything but any created vars.txt and then repackage this and send to me, this way all created vars.txt remain in place in the folders of the version that created them.
http://s000.tinyupload.com/index.php?filā¦212104496994806
Here is modified iscflash.dll you can try to see if this bypass that error. Also, be sure you are modifying platform.ini to not do any checks, and not require secure flash etc.
Try this with cut BIOS and original .fd BIOS edited, try both ways and this mod .dll Sorry, I cannot see or find this error message in assembly on this iscflash.dll, so weāll have to go FPT route if platform.ini info here does now help
About platform.ini, did you make this change, seems it disables Secure Flash >>
; Supports on WIN SHELL flash.
[FlashSecureBIOSOverride]
EnableFlashSecureBIOSOverride=0 << Set #1
Action=1
;EnableFlashSecureBIOSOverride (WS)
; default : 0.
; 0 : Disable action override. Use the action which returned from BIOS.
; 1 : Enable the action override when flashing secure BIOS in OS.
That may not be what, or how it looks though, not sure.
Also, always add this at top to SwitchString (include quotes as typed below when you add)
SwitchString="PTDIS RESSEN PJMDDIS"
Or, you can also try running via Admin CMD Prompt, the following command >> Insydeflash.exe biosfilename.fd -forceit
I had changed EnableFlashSecureBIOSOverride to 1 before I modified InsydeFlash.exe. It didnāt work. Thatās why I modified it in the first place. I follow your sophisticated instruction and was able to dump my bios file. Please check the attachment.
Iāve tried to flash dump bios file back and got error message āError 28: Protected Range Registers are currently set by BIOS, preventing flash access. Please contact the target system BIOS vendor for an option to disable Protected Range Registersā
What should I do next?
AspireE1-431.zip (1.88 MB)
Show me image of the error, including the command you entered. Sad to see 28, hopefully we can get around, but itās not ideal as some others to bypass.
After you get image for me, then please put system to sleep (S3, not hibernate) and then wait 3 minutes. Then wake it up and try FPT BIOS region flash back again and see if you get same error or not. If you do, then your BIOS does not have S3 sleep bug, weāll move along.
Please download the following package, and run the command below from each versions folder that directly contains itās exe.
Once done, copy the entire folder somewhere, delete everything but any created vars.txt and then repackage this and send to me, this way all created vars.txt remain in place in the folders of the version that created them.
http://s000.tinyupload.com/index.php?filā¦212104496994806
H2OUVE.exe -gv vars.txt
* edit - what is above attached file?
I will get var you need and get back to you. The file bin I sent you is the bios file dump from my laptop.
Here is the message when I flash bin file back.
Hey, here is unlocked BIOS 1.29 unlocked by donovan6000 - https://www.bios-mods.com/forum/Thread-Rā¦=65154#pid65154
If you want, I can unlock 2.18 and then put inside with this package, that should flash it 
If you donāt want to use 1.29, please wait and I will edit 2.18 and put in this flash package for you
@Rexkh - Here, if this fails to flash, or bricks after flash, it may be due to older BIOS are not signed and you can mod, but new ones you cannot (sometimes this is case even with flash programmer)
If such is case, you will have to use 1.29 instead, and if it bricks you will need flash programmer (CH341A + SOIC8 test clip with cable) to recover
http://s000.tinyupload.com/index.php?filā¦750959988972766
Just try it. First it says, The bios file version is older than current bios version. I bypassed it then it says the bios file is not secure bios. It didnāt work.
I thought that might be case. I can try to make similar edits to the flash package, but then you run real risk of brick if itās a RSA signed BIOS and it flashes it in there.
So, my advice to you is to run the 1.29 BIOS I linked above at BIOS-mods.com forum, bypass any older BIOS checks using switchstring in platform.ini (may need edited now, possibly not back then since this was made long ago) >> SwitchString="PTDIS RESSEN PJMDDIS"
Then run that BIOS until you have flash programmer in hand and can update back to new BIOS using stock method, make backup with programmer, let me check to be sure itās OK, then weāll mod and you program in new mod BIOS and see if OK/Brick.
Or, you can ask for new 2.18 BIOS mod over at BIOS-mods.com forum, they will be able to tell you if that BIOS is RSA signed, if you can mod or not, or if you can mod but only once you have flash programmer etc.
Itās already unlocked in that package I sent you,but the flash files are for that older BIOS. So you need either new flash package, or info if you can use mod 2.18 BIOS or not, and or if you need flash programmer to put it on there or not.
As I mention, even 1.29 bios canāt be flashed because itās not a secure bios. On the other hand, did you say you know how to sign modified bios file so you can trick bios updater into thinking that modified bios file is real one and allow it to be flashed?
------------------------
If I brick the bios, does combination key to install bios from USB flash on boot up still work (There is combination key to update bios at boot up)
Each time I run H2OUVE.exe -gv vars.txt all my keys and mouse stop working so I have to unplug the power cord.
Here is the first vars.txt
vars.txt (94.7 KB)
There may be some confusing going on here I sent you mod BIOS 1.29 unlocked, in post #35 (Tiny upload link), if you cannot flash using that file and package, then see what I said above.
Please note, there is two links in that post, one to post on BIOS-mods.com forum with unlocked 1.29 package, and then the tinyupload link is for BIOS 2.18 but I put it into the 1.29 flash package.
If tinyupload linked package (Flash from that folder, package as-is) at post #35 does not flash in unlocked 2.18 for you, then you can use that BIOS with USB method, if you want to risk it.
Otherwise ask if itās a RSA signed BIOS over at BIOS-mods forum, I cannot tell if the BIOS is RSA signed or only the original flash package etc. No, we cannot re-sign mod BIOS, especially RSA signed ones.
If you want to update to unlocked, confirmed safe and working BIOS 1.29, then use link to BIOS-mods.com forum and download the file from there
This is what I suggest you do, until you have flash programmer in hand AND confirmed OK backup made, checked by someone. Risking a bricked device without recovery method in hand is not worth it for a BIOS unlock.
If you need some specific setting changed we can do that anytime without issue and without mod BIOS.
I do not need any vars.txt in that format. Please send them to me only as I instructed if you want to try this method, or if you need to change some specific setting.
Also, please use edit button if you want to add more info and no one has replied yet, thanks
And thereās no way to know what bricked BIOS would do in any case or situation, I would not rely on USB recovery method with BIOS bricked due to edited RSA signed BIOS (which we do not know if it is or not)
Just want to let you know that Iāve just downloaded your unlocked bios update and I got the same error as post #29. I will get all 4 vars.txt for you.
The 4 vars.txt are ready. If you need anything else, please ask.
H20UVE-AspireE1-431.zip (82.9 KB)