Yes, you will need to use that guide to either clean and put a new updated ME in there, or if you still have programmer you can do this on your BIOS file you initially programmed to the chip. Fix the ME in that BIOS, then program on chip again, that is easiest way, with the programmer.
Thanks for your reply
Is there a guide I can follow in regard to dumping and re flashing bios from another surface, I actually reprogrammed the other chip while it was still on the board and it was very difficult to get a good connection on all 8 pins so I would prefer to reflash it via command prompt if that is possible
You’re welcome. I’m not sure about what kind of guide you mean. I don’t think there is one here, not a detailed guide anyway, but there is this long CH341A thread - [Guide] Using CH341A-based programmer to flash SPI EEPROM
This is the ME cleanup guide you should have used first on the BIOS before you programmed it, late now but for future reference this is what you need to do before programming a BIOS into a chip in this situation, especially when it’s coming from another system
[Guide] Clean Dumped Intel Engine (CS)ME/(CS)TXE Regions with Data Initialization
Maybe you can use FPT to fix, if your FD is unlocked, but since ME is corrupted if the FD is locked then that would leave you being only able to fix via flash programmer.
Maybe you will get lucky with unlocked flash descriptor, please run the following commands from the Flash Programming Tools / Win32 folder - from this package - https://mega.nz/#!GB9XSBqZ!2lnEz1iVjW6Do…wS6ojpyYI29FUo0
fptw -d spi.bin
fptw -me -d me.bin
fptw -desc -d desc.bin
Please take an image of any error and show the command ran above the error so I can see what is ran giving the errors. Then upload all created files, and the BIOS as noted below
Upload a copy of the BIOS you used to fix the system with, so I can check ME and or fix the ME for you.
You can download the bios from here
I can try and reprogram it with the programmer first and see how it goes, so if you can clean this form that would be great, thanks heaps
I tried to run those commands above with the flash programming tool but it comes with "Reading FW Status failed!" error on each one
Where is the images I mentioned? Did you use the package I linked above? Thanks for the BIOS, looks OK to me, except FIT checksum, but that wouldn’t cause the ME issue.
I will make you new BIOS to use with cleaned ME, but will have to wait until tomorrow leaving right now.
tomorrow is fine thanks heaps, I didnt use the link, I had downloaded the tools from another post so maybe it was a different version, I will try it from your link and see how it goes
Here is a screen shot of what I get when I run the first command in fact I get the same error when I run each of the commands you listed
Thank you, it looks like you cannot use FPT for some reason? So you will have to use flash programmer to put back new BIOS with fixed ME. And since you cannot use FPT, you will need to reset ME via total power drain for 1+ minute, this might be tough on a tablet?
I assume you can’t easily remove CMOS battery, so you will have to remove main battery, unplug any power cables, and then press and hold the power on button for 1+ minute. This will reset the ME state, do this after you re-program with programmer and before you attempt to turn it back on.
Once back running, enter the BIOS and load optimal defaults.
I fixed FIT checksum, but then I noticed while doing Intel ME your BIOS is signed/protected, the FIT table is outside of the signed areas though, so it may be OK and I do suggest trying that BIOS first once I create them.
However, due to that I will included two BIOS, one with fixed FIT checksum, and one without, incase the fixed one fails to load due to the changes and security in place. I need help with an issue first though, so please be patient, thanks!
Plutomaniac - I’m stuck at step #7, first time using this for me, so apologies if I should already know There is no SMIP Signing Key entry to input the dummy.pem location, how do I move forward?
Thanks!
The first three sentences of step 7 clearly indicate what needs to be done.
yes there is no removable CMOS battery, I can isolate the main battery easy enough so no need to drain it
Plutomaniac, thanks for your reply and sorry if it’s a dumb question. I know I saw you re-write that to be more clear for someone, and it’s always been clear for me too until now.
Platform Integrity as a label I have never seen, maybe that section is renamed now? I’ve always seen the “Hash Key Configuration for Bootguard” section, where there is the populated hash key or zeros. This is first time I’ve encountered a key there instead of zeros, so naturally I assume I need to do the dummy key, but no SMIP
Am I misunderstanding it, and since there is no specifically labeled “Platform Integrity” section, I can safely ignore the populated OEM Public Key Hash and move on to step 8? I didn’t think I should, so I stopped there to ask.
@plnewton - are you saying you cannot remove main battery? It’s soldered on?
The main battery just has spring contacts to the motherboard, I can slide something in between the contacts and the motherboard so it has no power so it will be fine
Yes, OK, that would work, make it thick enough or thin plastic so you’re sure. Maybe I’m confused about the above? Best to ask to be sure before moving forward, otherwise it might cause failed flash.
no worries mate that’s cool… thanks for your help, greatly appreciated!
You’re welcome! I’m probably confusing myself, and should skip that step that was concerning me, but I want to be sure since you have a boot guard hash key set, otherwise you may get a failed flash and I try to keep that as low as I can (zero is always the goal! )
Yes, the instructions clearly say that if “Platform Integrity” is missing then you move to the next step. Besides, SMIP is only relevant to CSTXE.
OK thanks, so populated hash key for bootguard is OK to skip over? I never knew, and surely didn’t understand it that way, thank you for clarifying.
I will get you BIOS to test soon @plnewton
Yes everything remains as it is unless the guide says otherwise. Nothing out of the ordinary for this CSME 11 case.
Thank you plutomaniac, I wouldn’t worry so much if it was a desktop, easier to recover from bad flash, but since laptop/tablet I know that’s very difficult for end user to recover from bad flash sometimes due to having to take it all apart. So have to be as careful as possible, especially on an ME thing! Thanks!
I just remembered he has programmer though, and already opened up this system, so I guess I shouldn’t worry so much!
@plnewton - here is BIOS with fixed/updated/clean ME, and FIT table Checksum corrected.
http://s000.tinyupload.com/index.php?fil…483478238908694
Right click download button, save as, or right click download button and open in new tab. This site has a lot of ads/pop-ups that want credit card etc crap like that, and without proper blockers it tends to worry and hassle some users.
Please remember to do the following post programming chip - remove/isolate main battery, unplug any power cables, and then press and hold the power on button for 1+ minute. This will reset the ME state, do this after you re-program with programmer and before you attempt to turn it back on.
Once back running, enter the BIOS and load optimal defaults.