Hey, I’m also wondering this, because this is exactly what my machine does.
I have an LG Gram 17 laptop (model 17z990-R.AAS7U1). It ships with the Intel Advanced Menu options enabled in the bios if you press ctrl+alt+f7 to reveal it. I’m trying to flash the manufacturer’s BIOS update package (W1ZD1250.zip), inside which they included:
1) the shell flash (entire bios flash package I guess), with a W1ZD1250.cap file (the bios itself), W1ZD1250_WUFU.cab which I guess is the signed Windows drivers?, ShellFlash64.efi, and “s.nsh” script plus the Winflash64.exe program and corresponding w.bat script.
2) the flash-flash (lol) - fpt.efi (and FPTW64.exe); W1ZD1250.rom file; fparts.txt, and f.nsh (+f.bat for windows) which simply runs
LG was extremely unclear on how to use this bios update package, and in their support forum, multiple people were asking about it, until a rep finally confirmed you’re supposed to run w.bat as admin.
I did this a while ago but since then I suspect I may have gotten some kind of malware/rootkit? possibly in my firmware, after noticing a lot of strange behaviors and network rerouting (like mDNS [multicast] enabling by itself), in both windows and Ubuntu linux. Which is why I’ve been trying to figure out how to use the flash programming tool to reset my BIOS flash to whatever LG included in that update package.
But yeah, so since I have the Intel ME submenu available in the advanced bios, I set the “Me FW Image Re-Flash” option to Enabled as well, but upon rebooting, before it boots into my USB stick with EFI shell on it, it displays the splash screen for a split second before turning itself off again and THEN powering on once more into the shell. And if I interrupt it to check the bios settings, yep, sure enough that option has reset itself to Disabled, and I get Error 238 when trying to run f.nsh.
However after reading some of these forums, now I’m not so sure I even want to do this. If I flash the .rom file from my manufacturer directly, will that overwrite some of the unique identifiers in the ME, BIOS, PDT... regions specific to my PC that I need? If so, what will happen as a result? Would that brick the computer/stop it from booting or something?
If that’s not a good idea, then is there any way I can at least verify the contents of my flash/bios to make sure there’s nothing malicious that might be different from the manufacturer defaults? LG’s update package did also come with a BIOS_checksum.txt file, with an 8-digit hex value in it (0xCBXXXXXX something I can’t remember), but I don’t know how to find the checksum of my currently installed bios to compare.