[Request] Unlock advanced menu on 2019 Acer Predator Helios 300 PH315-52

@Lost_N_BIOS
Hi, I tried my own modified BIOS and yes, the system started and the advanced menu is unlocked now; however, the overclock menu is greyed out



Can you please explain how to enable overclock menu?
Here are the links again (the same as in post #55)

Stock bios 1.08
https://www.sendspace.com/file/sfaiaz

and my modified BIOS (with two bytes changed on rows 9e0 and a22)
https://www.sendspace.com/file/q0x1ha



@Hyppo - Nice work, you unlocked your BIOS menus!!

Wow, well, there are a lot of other edits to do here, give me a bit (if you’re reading this now) and I will try to explain how to do them all (BIOS Lock, FPRR, Overclock Menu)

* Edit - get ready, time to learn some stuff, or at least here is an extended crash course on how to edit a few things


Setup Edit (FPRR switch default & Overclock Feature Unsuppress) -
1. In UEFITool 51-55, or 25, go to this GUID and extract PE32 body (SetupUtility) = FE3542FE-C1D3-4EF8-657C-8048606FF670
2. Get IFR from that file using Universal IFR extractor (I think you have this, if not let me know I will send you copy, for this BIOS you need LS 3.4 or 3.6 version) - Actually, here in case you don’t have copies
3. Open IFR in notepad, search FPRR - get this string at that location - 05 91 77 0D 78 0D 0A 05 05 00 D1 06 10 10 00 01 00
4. Open Setup module in hex editor, search for string above.
5. Once located, look at IFR, see the enable/disabled setting, you want to move the default 30 marker from enabled to disabled at same position in the setting, these settings strings are directly following the string from #3 in hex editor
5a. Example below from IFR, once you do these mods and save, make a new IFR from your mod file and you will see the default settings are switched

Flash Protection Range Registers (FPRR), VarStoreInfo (VarOffset/VarName): 0x6D1, VarStore: 0x5, QuestionId: 0x50A, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 77 0D 78 0D 0A 05 05 00 D1 06 10 10 00 01 00}
One Of Option: Disabled, Value (8 bit): 0x0 {09 07 04 00 00 00 00} << Change 00 here to 30
One Of Option: Enabled, Value (8 bit): 0x1 (default) {09 07 03 00 30 00 01} << Move that “30” to above, here put 00

6. In IFR search Overclocking Feature, find this string and go to setup module in hex >> 05 91 D7 04 D8 04 CB 01 03 00 B7 01 10 10 00 01 00
7. Directly before that string from #6, we’ll edit in hex as you see below

Gray Out If {19 82}
QuestionId: 0xCA0 equals value in list (0x0) {14 08 A0 0C 01 00 00 00} << Here, change 00 to FF
One Of: OverClocking Feature, VarStoreInfo (VarOffset/VarName): 0x1B7, VarStore: 0x3, QuestionId: 0x1CB, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 D7 04 D8 04 CB 01 03 00 B7 01 10 10 00 01 00}

8. Done, save setup module in hex editor as setupmod or whatever so you know it’s the one you edited
9. Make new IFR from modified setup module, check all your changes look correct (swapped “Default” marker at FPRR & Gray out if equals value in list (0xFF) now)
10. If all looks correct, reinsert back into BIOS same exact way you extracted (Body as described here/above), As-Is or body is fine, you just always have to make sure you insert same way you extract.


NVRAM/Vss Edit (BIOS Lock, FPRR, Overclock Menu) -
1. In UEFITool 25, go to this GUID, extract AS-IS (VSS/NVRAM Store) - FFF12B8D-7696-4C8B-A985-2747075B4F50
2. In UEFITool 25, open file fresh again, expand BIOS region, go to 4th “padding” module inside BIOS region (size 8B000h), extract AS-IS
3. Open both of the above files in hex editor, you will search via hex for strings below (Use Find All for each search), and replace all instances as noted
4. Open BIOS in UEFITool 25, replace both edited modules as extracted (as mentioned above in this case = AS-IS)

BIOS Lock - 2 x Instances @ Vss & 9 Instances @ padding module
00 00 00 00 00 00 00 00 00 00 00 01 20 00 00 00 00 00 00 00 00 00 00 01 << Change 01 to 00

FPRR - 4 x Instance @Vss + 8 Instances @ padding module
01 02 03 00 00 00 01 02 03 00 00 00 01 00 00 01 00 01 << Change 01 to 00

Overclocking Feature - 1 x Instance @ VSS
00 80 02 00 00 C8 00 00 00 01 01 00 01 01 01 01 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 << Change 00 to 01

Overclocking Feature - 4 x Instance @ Padding module
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 01 00 01 01 01 01 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 << Change 00 to 01

I am back after a couple of weeks abroad, thank you for your replies guys …
I will put the last BIOS like Hyppo, the 1.08 version, and I will come back with a dump via FPT tomorrow when I am home …
Take care meanwhile and thank you for your support …

Hi @Lost_N_BIOS sorry for the delay, I will follow your instructions and tell you the results very soon

Btw I’ve got my secondary laptop, a Lenovo Legion Y540 2019. I don’t think I need to unlock it actually but I already made a dump, just in case

@Hyppo - BIOS always needs unlocked. How did you come along with the Setup Edit & NVRAM editing info I gave you above?

@saltinbank - unlock BIOS Lock and SMI Lock via grub, before you dump BIOS with FPT, that way those are unlocked already in your dumped BIOS region

Hi @Lost_N_BIOS I didn’t get some of your explanations in both sections, can you please elaborate?

1. In Setup Edit (FPRR switch default & Overclock Feature Unsuppress) part
I passed till step 5 and found string 05 91 77 0D 78 0D 0A 05 05 00 D1 06 10 10 00 01 00

but what does it mean?

2. In NVRAM/Vss Edit (BIOS Lock, FPRR, Overclock Menu) part
Do I need to open my full BIOS dump? And then search for text "GUID" as usual? I can’t find either VSS/NVRAM Store or FFF12B8D-7696-4C8B-A985-2747075B4F50 there


Also, what is the difference between those two parts regarding the Overclock Menu? The first part makes this Overclock menu non greyed-out, right? What does the second part do then?

Thanks!

@Hyppo , I gave you example of what that means, see my post again, look at IFR and hex, then look at my example again
Here, I try to explain again, but it will be same as above. Please note, this is only example, using the info I posted above (I didn’t look at your BIOS right now, so if some value is incorrect here ignore and use what is in the IFR & Hex you are looking at)

05 91 77 0D 78 0D 0A 05 05 00 D1 06 10 10 00 01 00 << This = Flash Protection Range Registers variable string, you see in hex/IFR. Directly following this string in hex are the two settings you see in IFR (See below)
09 07 04 00 00 00 00 << Disabled setting string
09 07 03 00 30 00 01 << Enabled (Default) setting string - The “30” here, is what sets “Default”, you can move that from here (make this 30 = 00 instead), then put 30 above in same position, instead of the 00 there now.

The 00 at end = disabled
The 01 at end = enabled
The 30 at 5th byte = what makes either setting “Default”

See, changes discussed above, applied below now >>
09 07 04 00 30 00 00 << Disabled (Default) setting string
09 07 03 00 00 00 01 << Enabled setting string

Hope that clears it up better for you

#2 - use Search by GUID function of UEFITool, if you are extracting to edit, best to do this with UEFITool NE Alpha 51-55, you’ll see more module names/info there, then do your re-insert with version 25 side by side, so you can see you are at the correct module/location.
Some modules you won’t see a name for in version 25/26, but you would in 51-55, however search by GUID should always take you to the correct module.

Both of those edits for the Overclock menu are same, just done on different copies of the NVRAM/VSS settings storage areas. Or do you mean between edit 1 and edit 2 in general?
If yes, the first edit #6 about this, that makes it not grayed out, second edit at NVRAM area makes it enabled by default at the NVRAM level.
That can also be done at the setup module too, like shown above for FPRR, but since it’s disabled by default best to set enabled at NVRAM no matter what while you’re already editing NVRAM because sometimes something set there will lock in a disable value.
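The option-record layout explained in the post above, as an added example that is not part of the original thread: a small decoder for the One Of header and the 8-bit option records quoted there, which reports which option carries the default flag so a stock and a candidate Setup module can be compared. The opcode and flag constants come from the UEFI HII specification; the function names are illustrative, and it assumes the option records directly follow the header as described.

```python
import struct

# Constants from the UEFI HII specification (IFR opcodes and option flags).
EFI_IFR_ONE_OF_OP = 0x05
EFI_IFR_ONE_OF_OPTION_OP = 0x09
EFI_IFR_OPTION_DEFAULT = 0x10      # 0x30 in the thread = DEFAULT | DEFAULT_MFG
EFI_IFR_OPTION_DEFAULT_MFG = 0x20

# Bytes quoted in the thread: FPRR One Of header plus its two option records.
HEADER = bytes.fromhex("05 91 77 0D 78 0D 0A 05 05 00 D1 06 10 10 00 01 00")
STOCK = HEADER + bytes.fromhex("09 07 04 00 00 00 00 09 07 03 00 30 00 01")
MODIFIED = HEADER + bytes.fromhex("09 07 04 00 30 00 00 09 07 03 00 00 00 01")


def parse_one_of(blob, offset=0):
    """Decode a One Of question and the 8-bit option records that follow it."""
    if blob[offset] != EFI_IFR_ONE_OF_OP:
        raise ValueError("no One Of opcode at offset %#x" % offset)
    length = blob[offset + 1] & 0x7F           # top bit of this byte is the scope flag
    _prompt, _help, qid, varstore, var_offset = struct.unpack_from("<5H", blob, offset + 2)
    options = []
    pos = offset + length
    while pos + 7 <= len(blob) and blob[pos] == EFI_IFR_ONE_OF_OPTION_OP:
        if blob[pos + 1] & 0x7F != 7:          # only 7-byte (8-bit value) records handled
            break
        string_id, flags, _type, value = struct.unpack_from("<HBBB", blob, pos + 2)
        options.append({"string_id": string_id, "value": value,
                        "default": bool(flags & EFI_IFR_OPTION_DEFAULT),
                        "mfg_default": bool(flags & EFI_IFR_OPTION_DEFAULT_MFG)})
        pos += 7
    return {"question_id": qid, "varstore": varstore,
            "var_offset": var_offset, "options": options}


def default_value(blob, offset=0):
    """Return the value of the option flagged as default, or None."""
    for opt in parse_one_of(blob, offset)["options"]:
        if opt["default"]:
            return opt["value"]
    return None


def default_changed(stock, candidate):
    """Compare the default of the same question in two Setup modules."""
    before, after = default_value(stock), default_value(candidate)
    return before != after, before, after


if __name__ == "__main__":
    print(parse_one_of(STOCK))
    print("FPRR default changed:", default_changed(STOCK, MODIFIED))
```
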

Dear @Lost_N_BIOS thank you very much for the explanation, I read it several times and now it’s clear, so I don’t know how I got stuck there

So I prepared my latest mod where in total five bytes changed

1) two bytes changed for unlocking advanced menu
2) two bytes changed to change default value in FPRR
3) one byte changed in question regarding the overclock menu

I flashed and yes it works, overclock menu is ungreyed and the only difference is that by default it’s disabled but it’s not a problem

@Lost_N_BIOS I understood everything except the old first step, when you told me to change the value at position 9eb from 38 to 00 and the value at position a22 from 75 to eb

I checked IFR file made from the setup utility but can’t find such combination of bytes, can you please elaborate why these values?

Hello,
Will you please help me unlock my Acer BIOS advanced settings?
I have a new laptop (PH315-51-78NP) and would like to have its BIOS settings unlocked. I already used an SPI programmer and SOIC8 clip. I’ve dumped my BIOS with the programmer and tried to follow the steps in the forum, but actually I got lost in the BIOS!! Not that kind of guy.
I would really appreciate help, kindly find below the dumped bin and thank you in advance.
https://drive.google.com/open?id=1jKHovI…XGM2RT1rH38O1mn

@Hyppo - Sorry for delay! On your post #68 - Overclock menu disabled by default can be changed by moving the “30” default as explained above, however, some may rely on what is set in NVRAM, so if you haven’t done the NVRAM changes yet that may be why it’s “Disabled” by default still.
#69 - Sorry, I have no reference to look at for the changes you mentioned there, where did I show you to make those (What post#)? That looks like assembly edits though, so you wouldn’t see anything in IFR for this.

Ohh, I see I sent you that info from earlier BIOS edit, probably in PM, and maybe not for current BIOS if what you find by default doesn’t match what I told you to change.
I sent you images of how that info was obtained, in the Hyppo-How-To I sent you long before I told you all the above unlock stuff, it has images in the folder with IDA in names, that’s the assembly edit info to unlock advanced

@haskhafak - I will help you in your thread, no need to post here as you do not have this same model anyway.

@Lost_N_BIOS
Yes in those how-to you said to change 2 particular bytes on 9eb and a22 places and it was for ver. 1.06
Later I found the same values in the 1.08 version and changed them myself and it worked fine. But I don’t know the logic of how you found it. Is it from IFR extraction of the System Utility branch? Or was a different method used, not like with FPRR and Overclock ungrey?
Thx

He changes some jumping instructions so that the advanced menu gets shown in the main setup file.
E.g. eb / 74 / 75 is (conditional) jumping in assembler.
He knows what to do while he placed the main setup efi into ida and may also have checked the location of the tab with ifr export (not sure which tool he uses) but in the top you can find some hex value address which you search and scroll up a little (for init) that you check with other visible tabs (by address) and mod the instruction to jump "in" (not out [hidden]) [or however the setup main works]

keys: ghidra/ida - some basic assembler jump instructions

@Hyppo - Yes, as mentioned by SODA, this is done/found in assembly (I use IDA, but you can use any free one you like), on the setup PE32 module. Nothing to do with IFR here
I showed you in that How-To folder, with text and images of the actual edit in assembly using both flow and code view. How to find in general, you either follow that Donovan6000 guide, or just know by recognizing how things look at these locations in assembly.

As you know, my first and second guesses were wrong on this BIOS, I wouldn’t have got it until the third edit of the three possible edits I picked out for this mod.
This is due to this BIOS not following Donovan6000’s example, but me looking for the edits and trying to guess by recognition (of which, I am not great at with Insyde BIOS). And that is especially true if layout is not like Donovan6000’s example, but can find sometimes.
When BIOS is like what’s shown in Donovan6000’s guide, then it’s easy and these edits are found via offset and menu locations from setup PE32 BODY IFR (offsets from that will match what you find following his guide)



can you link / reference (again). please :slight_smile:

@SODA - what do you need linked again? Sorry, it sounded like you already know how to do this, know a lot etc, surprised you need a link about how to
Here is the guide by Donovan6000 I mentioned - http://web.archive.org/web/2016111807325…power-tabs.html
For the other stuff I sent him I’d probably have to remake a new how-to if you need shown examples, I don’t think I kept the how-to I sent him before. I can do if you want, I do have my notes and the before/after files etc still.

It’s always worth to check out descriptions/help from others. There is always a chance yourself is missing something.
I tried to unlock Insyde BIOS but couldn’t figure out how to make it visible. So as this is the best example I was wondering if there might be some more description in your help info. :wink:

Edit: yeah this Donovan guide is very good but I already studied it.

If you want to write some more info/details about it (you always can refer the basics to the upper link) you’re more than welcome but given the work I don’t want to waste your very helpful time for others. :slight_smile:

@SODA - Yes, I know what you mean too, always good to see how things done and learn more any time you can!
Did you see spoiler on page #5? OK, give me a few and I will make you a how to about the actual menu unlock on this BIOS, just few images and some text




Menu unlock edit itself, as shown in above images
1. Find Setup Utility Module in UEFITool (GUID - FE3542FE-C1D3-4EF8-657C-8048606FF670), this can be done by search >> GUID
2. Expand, go to PE32, right click, Extract Body
3. Apply Edit in hex, two bytes changes, then save
4. Go back to UEFITool, setup >> PE32, right click, Replace Body
5. Save BIOS Image as "Mod name etc"

That is all!

Hex Edit -
1. At location 9EB Change 38 >> To >> 00
2. At location A22 Change 75 >> To >> EB
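A change-review check for the two-byte edit listed above, as an added example that is not part of the original thread: it diffs a stock and a modified Setup PE32 body, confirms that only the listed offsets changed, and labels each change by opcode pattern. The sample buffers are constructed stand-ins rather than the real module, the function names are illustrative, and the labelling is a heuristic on single bytes (a changed byte can also be an operand or data).

```python
# x86 short jumps: 0x70-0x7F are conditional (Jcc rel8), 0xEB is unconditional (JMP rel8).
JCC_REL8 = range(0x70, 0x80)
JMP_REL8 = 0xEB
JCC_TO_JMP = "Jcc rel8 -> JMP rel8"

# The two edits listed in the post above: offset -> (old byte, new byte).
EXPECTED = {0x9EB: (0x38, 0x00), 0xA22: (0x75, 0xEB)}


def diff_bytes(stock, modified):
    """Return (offset, old, new) for every differing byte."""
    if len(stock) != len(modified):
        raise ValueError("size changed: %d -> %d bytes" % (len(stock), len(modified)))
    return [(i, a, b) for i, (a, b) in enumerate(zip(stock, modified)) if a != b]


def classify(old, new):
    """Label a one-byte change by what it would mean if the byte is an opcode."""
    if old in JCC_REL8 and new == JMP_REL8:
        return JCC_TO_JMP
    if old == JMP_REL8 and new in JCC_REL8:
        return "JMP rel8 -> Jcc rel8"
    if old in JCC_REL8 and new in JCC_REL8 and old ^ new == 1:
        return "Jcc condition inverted"
    return "other"


def review(stock, modified, expected=EXPECTED):
    """Split the diff into approved and unexpected changes; list edits not applied."""
    approved, unexpected = [], []
    for off, old, new in diff_bytes(stock, modified):
        entry = (off, old, new, classify(old, new))
        (approved if expected.get(off) == (old, new) else unexpected).append(entry)
    missing = sorted(set(expected) - {e[0] for e in approved})
    return approved, unexpected, missing


def make_sample(extra=None):
    """Constructed stand-in for the module: zeros plus the two bytes of interest."""
    stock = bytearray(0xA30)
    stock[0x9EB], stock[0xA22] = 0x38, 0x75
    mod = bytearray(stock)
    mod[0x9EB], mod[0xA22] = 0x00, 0xEB
    if extra:
        mod[extra[0]] = extra[1]
    return bytes(stock), bytes(mod)


if __name__ == "__main__":
    for off, old, new, kind in review(*make_sample())[0]:
        print("%#05x: %02X -> %02X  (%s)" % (off, old, new, kind))
```
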

Hi @Lost_N_BIOS and @SODA

So it looks like I am the only one who doesn’t understand how you came to this conclusion

I never heard about Donovan before, I have to check that manual



No… You did pretty good. That whole thing isn’t "sooo" easy. Especially not easy "to learn" if you don’t have good guidelines/manuals/sources and are not very familiar with disassembly at all.
You’re one of the lower % who acually care about the stuff behind. Most people just Request bios mods.