I have a Surface laptop with bitlocker enabled and it wont boot. If I try a different already cleaned ME bios the laptop works but bitlocker complains that something changed.
What I need to do is to try clearing the ME region of the original dump but when I do transfer the version 11.8.86.3877 (this is a bit confusing: Size│0x1BF000) in HxD and then test the new file I get error:
"Detected CSE Extension 0x03 with wrong Partition Hash at FTPR > FTPR.man"
Can you please help me either by cleaning the file or by pointing me to the correct guide?
Was Bitlocker using the FW TPM of CSE or a 3rd party HW one? CSME wise, all you can do is follow this guide but I doubt it will help as your current SPI dump seems to have healthy Engine firmware:
Everything else is BIOS and/or HW TPM related. You should use the Bitlocker recovery key and re-set it once the system is booting again with proper FW.
Since its a laptop I guess Bitlocker is using the FM TPM… and since you say that the firmware engine looks ok I guess the bios has something else wrong with it (we tested the laptop to work ok with other dump)…
At the moment we are looking for the key as well… if thats not found then we can use any good dump and format the drive!
Not necessarily, many laptops have dedicated/hardware TMP solutions. I think you can check from Windows what TMP device was in use (tpm.msc maybe). If you see Intel (INTC I think) then it’s the fTPM, otherwise something else. Either way, TPMs don’t handle firmware changes well at this point so the easiest solution would be to find the recovery key and re-set it afterwards.
I think we will go the recovery key way. I cleaned the file but still no dice. Thank you for all your input was very valuable and an experience trip for me.