Hey @Lost_N_BIOS, since you already helped @Hyppo regarding this, can I just get the BIOS file and flash it directly to my system? My system is running below base frequency. I just want to fix that, but the BIOS is locked. Can I create a BIOS dump without a CH341A and clip tool, with the help of any software?
Hi friend, Lost_N_BIOS has been missing from here for a long time, but if you want help to unlock this BIOS, I am glad to do it with you!
So let me know
Regards
Please help me unlock it. It's a pandemic here (India), no shops are open and it is rare to find anyone who can help me. Please tell me what I need to provide to you. Here is the BIOS from the manufacturer's website:
https://global-download.acer.com/GDFiles…C=ACER&SC=AAP_2
Also, I am going to buy https://omatompower.com/product/flash-de…p-with-adapter/ . Is it the right tool to create a BIOS dump?
Hi friend, yes, it's right!
We can make some tries in the meantime, until you get it.
https://www.mediafire.com/file/t1l86nusl…36+Mod.rar/file
Use this tool to make a vars.txt file and upload it to me: unpack it and execute the 1st command by double-clicking on it:
1. DUMP VARIABLES.bat
Then upload the vars.txt file for the modifications …
Let me know
Regards
Your firmware dump is wrong, make it again!!!
Use ASProgrammer, please …
https://github.com/nofeletru/UsbAsp-flash/releases
Let me know
Regards
I make this to honor the biggest BIOS modder on Win-Raid, "Lost_N_BIOS". I hope he will come back quickly to give us a second chance to learn and follow his way of explaining and making the modifications, he is GREAT!
As requested by Ansh2236, I made a guide to making the BIOS mod on this PC:
There are 2 versions of UEFITool to use:
1. UEFITool 058 NE to extract and interrogate bios
2. UEFITool 028 to replace modules
UEFITool is used to extract and replace the bios modules to modify.
The module involved in this modification is the GUID FE3542FE-C1D3-4EF8-657C-8048606FF670 SetupUtility.
When you have it, extract the EFI IFR txt with "Universal EFI IFR Extract" and read it to find the information about the menu tabs to unlock:
Form Sets
--------------------------------------------------------------------------------
Offset: Title:
--------------------------------------------------------------------------------
0xA3C04 Advanced (0x1645 from string package 0x4)
0xC64D4 Power (0x16CD from string package 0x4)
0xD6384 Security (0x2F from string package 0x4)
0xD7CC4 Information (0xFF from string package 0x4)
0xD8EC4 Main (0x3 from string package 0x4)
0xDA624 Advanced (0x100 from string package 0x4)
0xDC2B4 Security (0x2F from string package 0x4)
0xDDA84 Boot (0x4F from string package 0x4)
0xDED24 Exit (0x89 from string package 0x4)
Then we know that there are 2 tabs and 2 locks to bypass:
0xA3C04 Advanced (0x1645 from string package 0x4)
0xC64D4 Power (0x16CD from string package 0x4)
So now we will use the IDA Pro disassembler to analyze the hex code to find the locks …
Here you need to know (Intel) assembler and find the structure in the PE; the main sub_routine has the 0x0A number …
The locks are usually near it.
We can find them in the graphical view (it is easier to spot them there), and when we can see the jumps off of the 0x0A, then look deeper.
09EA : 74 38 to 74 00
0A22 : 75 1D to EB 1D
So we have a conditional jump = jz and an unconditional jump = absolute jump = jmp. To bypass them, we need to change the opcode, or the same opcode with additional values: 74 38 to 74 00 = jz to jz + 2, and 75 1D to EB 1D = jnz to jmp.
Look at the images I uploaded for you …
At the end of this carousel, we need to change these values with the HxD hex editor tool; look at the image, please.
The steps are:
1. UEFITool 058 NE to extract and interrogate bios, extract SetupUtility
2. Extract EFI IFR txt by Universal IFR Extractor, extract infos about Menu Tabs and Eeprom locks
3.
2. UEFITool 028 to replace modules
Here are the steps to use the tools and try to bypass the SPI programmer:
01. Dump your vars: H2OUVE.exe -gv vars.txt (edit the vars.txt, changing the values from 0x01 to 0x00)
02. Write your new vars: H2OUVE.exe -sv varsMod.txt (write back to your NVRAM)
03. Dump your BIOS backup: fptw64 -d biosreg.bin -bios (the Fpt tool reads and saves the Intel EEPROM data, to edit with HxD)
04. Write your BIOS mod: fptw64 -f biosreg.bin -bios (write back the edited file with Fpt)
Variables NVRAM to change and remove Eeprom locks
0xBFC59 Suppress If: {0A 82}
0xBFC5B Variable 0x7E equals value in list (0x1) {14 08 7E 00 01 00 01 00}
0xBFC63 Setting: BIOS Lock, Variable: 0x17 {05 91 CD 06 CE 06 12 0A 05 00 17 00 10 10 00 01 00}
0xBFC74 Option: Disabled, Value: 0x0 {09 07 04 00 00 00 00}
0xBFC7B Option: Enabled, Value: 0x1 {09 07 03 00 30 00 01}
0xBFC82 End of Options {29 02}
0xBFC84 End If {29 02}
0xB372B Setting: Flash Protection Range Registers (FPRR), Variable: 0x6D1 {05 91 7A 0D 7B 0D 0F 05 05 00 D1 06 10 10 00 01 00}
0xB373C Option: Disabled, Value: 0x0 {09 07 04 00 00 00 00}
0xB3743 Option: Enabled, Value: 0x1 {09 07 03 00 30 00 01}
0xB374A End of Options {29 02}
Variables BIOS Lock 0x17
>> 01 to 00
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
00000010: 01 01 02 03 00 00 01 01 00 00 01 01 00 01 00 FF
Variables FPRR 0x6D1
>> 01 to 00
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
000006D0: 00 01 00 00 00 00 00 00 01 01 01 00 00 00 00 00
Make these modifications in all GUID 4570B7F1-ADE8-4943-8DC3-406472842384 PchSetup or Custom (variable list):
"029 - Custom" (and)
"068 - PCHSetup"
I hope it will be useful for any user who wants to learn and try to do it by himself; we have to share the knowledge!!!
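Added example, not part of the original post: a read-only check that parses IFR extractor lines and hex-dump rows in the form quoted in the guide and reports whether BIOS Lock and FPRR read as Enabled or Disabled in a variable dump, which is how you would confirm the flash write protections are still on. The function names are hypothetical and the sample text is constructed from the lines quoted in the guide; real dumps may lay out rows differently.

```python
import re
# Constructed sample built from lines quoted in the guide; helper names are hypothetical.
IFR_TEXT = """\
0xBFC63 Setting: BIOS Lock, Variable: 0x17 {05 91 CD 06 CE 06 12 0A 05 00 17 00 10 10 00 01 00}
0xBFC74 Option: Disabled, Value: 0x0 {09 07 04 00 00 00 00}
0xBFC7B Option: Enabled, Value: 0x1 {09 07 03 00 30 00 01}
0xBFC82 End of Options {29 02}
0xB372B Setting: Flash Protection Range Registers (FPRR), Variable: 0x6D1 {05 91 7A 0D 7B 0D 0F 05 05 00 D1 06 10 10 00 01 00}
0xB373C Option: Disabled, Value: 0x0 {09 07 04 00 00 00 00}
0xB3743 Option: Enabled, Value: 0x1 {09 07 03 00 30 00 01}
0xB374A End of Options {29 02}
"""
DUMP_TEXT = """\
00000010: 01 01 02 03 00 00 01 01 00 00 01 01 00 01 00 FF
000006D0: 00 01 00 00 00 00 00 00 01 01 01 00 00 00 00 00
"""
SETTING = re.compile(r"Setting: (.+), Variable: (0x[0-9A-Fa-f]+)")
OPTION = re.compile(r"Option: (.+), Value: (0x[0-9A-Fa-f]+)")
ROW = re.compile(r"^([0-9A-Fa-f]{8}):((?: [0-9A-Fa-f]{2}){1,16})$")

def parse_ifr(text):
    """Return {setting name: (variable offset, {value: option label})}."""
    settings, current = {}, None
    for line in text.splitlines():
        if m := SETTING.search(line):
            current = {}
            settings[m.group(1)] = (int(m.group(2), 16), current)
        elif (m := OPTION.search(line)) and current is not None:
            current[int(m.group(2), 16)] = m.group(1)
        elif "End of Options" in line:
            current = None  # later options belong to no setting
    return settings

def parse_dump(text):
    """Return {absolute offset: byte value} for every row in the dump."""
    rows = (ROW.match(line.strip()) for line in text.splitlines())
    return {int(m.group(1), 16) + i: int(b, 16)
            for m in rows if m for i, b in enumerate(m.group(2).split())}

def audit(ifr_text, dump_text):
    """Map each setting to its option label; None if its offset is not in the dump."""
    data, report = parse_dump(dump_text), {}
    for name, (offset, options) in parse_ifr(ifr_text).items():
        value = data.get(offset)
        report[name] = None if value is None else options.get(value, f"unknown 0x{value:02X}")
    return report

if __name__ == "__main__":
    print(audit(IFR_TEXT, DUMP_TEXT))
```

A result of `None` means the dump did not contain the row holding that variable, so the state is unknown rather than disabled.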