Thanks for the info, I thought Intel canceled UV on laptops completely.
1 Like
Im sorry but did you just flash a new bios or did you modify the hardware aswell since you was talking about the bios chips and stuff little bit confused. Im trying to unlock undervolting for my 13700hx omen 16 too but i get write error on aswell because of bios write protection.
@Zookane No i didnt modify the hardware. Basically I extracted the active BIOS from the BIOS chip using a CH341a, modified the extracted BIOS, then flashed it back. Now undervolting is unlocked. If you need further help let me know.
Try to first read and learn about CH341a and how to use it, maybe open the back cover of your laptop and locate the BIOS chip. Once you do these two things go ahead and order a CH341a. The rest is relatively quick and easy
Big thanks for your effort.
How did you modify the padding areas? Or how did you find the CpuSetup instances inside of them?
Open the bios backup.bin file in a hex editor, and search for all instances of “CpuSetup” in hex. You will get around 6 results.
Then find the exact bit inside every instance of CpuSetup and edit it
Am I to understand that you directly hex-edited bios dump from the chip? No UEFITool tweaking?
Do you think it will work for HP Elitebook 840 G6, to allow undervolting? I tried UEFITool on bios file from the HP website, but it has found no keywords like “cfg lock” or “overclocking”. Some said Elitebooks have the bios encrypted and I found many unsuccessful attempts to undervolt these computers on the internet. The only way I know of is a bios rollback (using a programmer) before there was a plundervolt fix. There’s also a feature called HP SureStart (can be disabled in bios if I remember correctly) that recovers bios under certain circumstances - that can cause problems too.
Bios chip is Winbond 25Q256JVEN.
Yes you are correct, I directly modified the BIOS dump using a hex editor. Since we are just changing the values of the variables, there is no need to “extract” using UEFITool and then replacing using UEFITool. It should definitely work on your HP Elitebook.
Since we are not actually modifying the BIOS, HP SureStart or any BIOS recovery mechanism should not trigger. What we are doing is similar to changing some BIOS setting from the F12 setup menu.
For example, in my BIOS setup menu I can turn on or off Hyperthreading. Now imagine that you want to do this but instead of opening the setup menu by spamming F12 key, you just extract the BIOS using an external programmer, edit the UEFI variable responsible for Hyperthreading (I believe it is the 7th byte in CpuSetup (?) you can see all the variables positions using UEFITool and IFRExtractor to make sure before you edit), then flash this “edited” BIOS. Your device wouldnt be able to tell the difference between this type of editing or just changing the setting from the setup menu.
Does it make sense? We are not “modifying” anything about the BIOS.
Also another point, you cannot edit the BIOS file from the HP website. You should edit the BIOS file that you extract from your specific device using an external programmer
Thank you for your thorough explanation, I understand. Hopefully these setup variables are still variables and not something “baked in” in the bios for my computer.
I used to be involved in retro computing community and once I was trying to modify bios settings of MSI 694T Pro via hex-editing. You could easily export a complete settings from the chip using a DOS SW, modify it and restore it after that. I remember, however, there was a crc checksum at the end of the dump. It took me a while to figure it out and adjust the checksum accordingly to avoid settings being resetted upon the start of the computer. I guess modern computers do a different kind of checks, whether the settings stored in the chip are still valid, or not. Some “out of the range” feasibility checks for each setting.
Anyway, I ordered a full set of CH341A programmer and I will report back once it arrives in a few weeks and I am able to read the chip.
They are definitely still variables. As @Sweet_Kitten pointed out on a different post
That sounds cool af, at some point someone on this forum showed how to bypass a checksum for a modified BIOS but im unable to find the exact post.
Alright best of luck!
Hey I’m trying to do the same thing on my r1019nt. I have a CH341B programmer. I modified my BIOS as you said by changing the padding CpuSetup values as well. However, although my Throttlestop’s FIVR tab is unlocked after the “procedure”, any changes I make there seem to have no effect whatsoever. Have you also experienced this? If so, how did you fix it? Thanks in advance!
Just typing this in case someone else sees this post, I just had VBS enabled even though I thought I turned it off. I have my undervolt working beautifully now even in the latest BIOS and microcode : ) Thanks for sharing all this information @Fadel_Hel
1 Like
Congrats mann, I know exactly how you feel :)))) you are most welcome
1 Like