Hey Ahmed
Hope you're having a good weekend.
I've had some time to play around with modifying some of the code, and I've listed the work I've done so far:
1) I've backtraced all the calls to the 'interesting' routines - and it appears that they seem to originate (as you correctly indicated) from sub_41488. In fact, the smoking gun is at offset_4150b: lea r8,off_3e0 (where all the advanced menu text beings)
2) So far so good. So in my normal BIOS, under the Advanced Menu I get to see all the text (and options obviously) from off_3e0 to about off_2470. From off_2478 (Charger Behaviour, etc) this text is hidden from my 15z standard BIOS.
3) Maybe I haven't figured IDA out properly yet, or maybe there is a strong clue in what I'm going to point out now. If you switch to text view mode when xrefing the code at off_3e0, the code is automatically segmented as follows:
1) .text: 03e0 off_3e0 (xref from sub_41488)
2) .text: 0410 qword_410 (start of Unhidden BIOS menu options: Speedstep, Virtualization etc)
3) .text: 1458 (Unhidden BIOS options: Powershare, 1394 etc)
4) .text: 2478 (Hidden options: Charger Behaviour, Express Charge, Wireless Config)
5) .text: 34a0 (Unhidden options: Battery Health, Misc Devices (USB Ports, eSata)
5a) .text: 3900 (Hidden option: Express Card Slot) <- prob because the 15z does not have a express card slot
5b) Note: at offset 3960 there are hidden options: Modem, Microphone, Camera, 1394, Media Card, Optical, FingerPrint
6) .text: 44a8 (Unhidden options: Diagnostic Screen)
6a) Note at offset 4600 there are hidden options: lots of interesting stuff
7) .text: 54a8 (Hidden options. Really good stuff)
etc etc
Why does IDA automatically group 410, 1458, 2478, 34a0?
4) So what I modded in sub_41488 was to nop or jmp my way sequentially through all the module without prematurely ending at loc_415eb. I've attached my handiwork. Result: Advanced Menu comes back, but no hidden menus or options unlocked. At this point I'm thinking that the routine checks against some mask (r9, rdx, ecx?) to identify the available hardware and/or allowed menu options before jumping to various parts of the code. Or I've reached the limits of what I can do today
Anyway it's Friday night, and I need to go out to clear my head. If you have some time to look at the file and let me know if you've picked up on something it would be greatly appreciated!
Cheers
jkbuha