[Request] Unlock advanced menu on 2019 Acer Predator Helios 300 PH315-52

Hi, please help in unlocking advanced menu.

Exact model name: Acer Predator Helios 300 15 PH315-52
Bios ver. 1.06, can be downloaded from here
https://www.acer.com/ac/en/US/content/su…roduct/7983?b=1

I have dump prepared by CH341A and Clip tool, program is Windows version CH341A ver. 1.18 but if necessary I can do from Linux.

Bios chip is Winbond 25Q80EWNIG, Bios itself is InsydeH2O Rev. 5.0

Dump is attached

Btw there is one annoying thing with this laptop: in order to get access to the bios chip, you must remove the whole cooling system

Thanks in advance, please let me know if anything else required

--------

@Lost_N_BIOS
Hi, could you please explain basic steps in order to access the hidden menu?
Thanks


Edit by Fernando: Thread title shortened

Maybe you can use ambcp to edit the bios, then flash the mod bios into your laptop

@Hyppo - please dump BIOS first. The file you’ve dumped above is EC or other FW / 1MB chip, your BIOS chip will be 16MB chip (example chip ID W25Q64)
Please note, I hate Insyde BIOS, so it may take some bricked BIOS tests before I find correct edit, so be ready to recover. Yes, once we confirm correct edit I will tell you how to do it, it’s usually only two bytes need edited with UEFITool and hex editor

Also, since this is a more modern system, I suggest you use 1.30 or 1.34 version software, and if BIOS chip ID is W25Q64FV use this ID instead to dump and write >> W25Q64BV
http://s000.tinyupload.com/index.php?fil…257455007472602

Hi @Lost_N_BIOS there is another problem, I removed cooling system, battery, memory, ssd but there is no other chip in such package
Are you sure that this 8Mbit chip is not a bios and I must have 128Mbit somewhere?
I will upload pictures of the motherboard shortly
---------------
Here are the pictures and video of the motherboard, no bios chip on this side

Mission completed

@Hyppo - Did you find the BIOS chip, or use a flash program? In reply to your question at post #4, you didn’t send me a 8MB file, you sent 1MB. BIOS chip may be 4MB-8MB-16MB, I don’t know, but it’s not the 1MB file you sent above at post #1

Did you edit the BIOS, or you got the menu unlocked by someone else? If yes, please send me the unlocked BIOS (or just setup module from it if you want), so I can use it to help unlock BIOS for anyone else later, thanks

From your images, I can’t tell for sure, but one of these three may be BIOS if that is SOIC8 chips. I can’t tell from the images. If these are not the BIOS, then BIOS may be in WSON package, which I’d need much better images of the chips to be able to tell for sure.

PossibleBIOS.jpg

@Lost_N_BIOS
Yep, that 1Mb chip above is not a bios, it is something else. Btw, do you have any idea what it is for? Can it be used to control fan speed?

The bios is located on the opposite side of the motherboard and I needed to remove it in order to get access. This is quite annoying but nothing complicated actually, I think I will write a small instruction on how to do it.
Then I made a dump with CH341A (the one from 1.18 which I uploaded in the neighbour thread) and then sent it to someone from another forum who unlocked it for me. I have no idea what he did but it works)

Yes, I couldn’t see those chips, so don’t know size or what they are, it was only thing that “looked” like SOIC8, so I circled for you.
I don’t know, it’s probably EC FW, or maybe some other controller, this is not something I know how to or have any tools to edit other than direct hex edit which is not helpful unless you know what you are editing.

Yes, that looks like proper BIOS above. You shouldn’t need to remove the chip, unless your clip was too fat? When that happens, I always file down the plastic part of the clip and then it makes room

Well, I already filed my clip when I tried to access that 1Mb chip, because the memory slot prevented it, so I cut off from the sides but not from the end

And regarding the main chip it isn’t blocked but it was quite difficult to connect before it could read, I think I could plug it 10 or even more times before it worked although contacts looked good in all cases. Last time after successful connection I made bunch of photos for reference how it should be.







Yes, this is normal, sometimes I have to connect 10+ times too, always looks good too, but no, keep trying
Some say Pomona clip does better job, but I assume the same with those, but maybe a little less times

-----------------------

@Hyppo - Here is BIOS with unlocked FD, FPRR disabled, and for now only overclock feature ungrayed out and enabled by default (will/still working on all rest of stuff we’ve been discussing)
Program this in with flash programmer, then test as mentioned below. If you get success after trying to flash SPI.Bin back into the chip with FPT, all is unlocked and you can now redo your thermal paste, and put system back together, rest of edits/flashing can now be done in windows from here on out.
http://www.filedropper.com/dumpcolibrifvm-pre-fpt-mod

Here’s FPT how-to - Go to this thread and in the section “C” download the V12 ME System Tools Package
Intel Management Engine: Drivers, Firmware & System Tools

Once downloaded, inside you will find Flash Programming Tool folder, and inside that a Win32 folder. Select that Win32 folder, hold shift and press right click, choose open command window here (Not power shell).
At the command prompt type the following command to attempt to dump entire BIOS at once >> FPTw.exe -d SPI.bin

Right after you do that, try to write back the entire BIOS and see if you get any error, if you do STOP HERE, do not try to proceed, and show me image of the command entered and the error given >> FPTw.exe -f SPI.bin
If you do not get error and all success, then all is good to go, and you can do as I mentioned above, we’re done with flash programmer!

If you are stuck on Win10 and cannot easily get command prompt, and method I mentioned above does not work for you, here is some links that should help
Or, copy all contents from the Flash Programming Tool \ DOS folder to the root of a USB Bootable disk and do the dump/flash DOS instead (Same commands, but remove the w from FPTw)
https://www.windowscentral.com/how-add-c…creators-update
https://www.windowscentral.com/add-open-…menu-windows-10
https://www.laptopmag.com/articles/open-…ator-privileges


If this BIOS fails to boot I know the reason! I fixed Intel FIT Table for CPU microcodes (incorrect checksum), I assume this wont cause issue, but if it does I’ll put it back

Hi @Lost_N_BIOS I’m very happy with results of your bios

Please find 3 major things in the report below

1) Firstly, the assumption about setting Overclocking Feature was correct, when I set it to disabled I see this



But once I change it to Enabled (by default on your mod) it opens chest of gems



Now I can go to memory settings and select XMP profiles



And this is so simple, just like in high-end desktop motherboards where I can select it and it runs flawlessly (I haven’t run stress tests yet but at least it allows me to set up everything I want, even custom timings) and it really runs the memory at 3200 MHz clock (stock is 2666)





I think there are not many laptops in the world (if any at all) which allow running memory at 3200 clock

2) How can we be sure that all items are unlocked? (I still have concerns about fan control). Now my overclock menu is shown above and Advanced menu is below



How to be 100% sure that no hidden menu items are missed or greyed out?

3) And last one, about write protection. So I did everything by your instructions and get the following





Is everything fine, can I do a final assembling of laptop with proper thermopaste?

Thanks!

@Hyppo - Hey, that’s great news, in that app I showed you, the memory section was blank inside so that’s what I thought was maybe a bug and I’d have to look at how it was redirecting the in actual code to fix it.
Turns out it’s just more “incompatibilities” of that app and this particular BIOS, that’s nice, less things we have to hassle with

If you want a 100% fully unlocked BIOS, you’ll have to send me a huge archive of images of every page of your BIOS, all submenus and all settings etc, so I can see what you see vs what is possible/hidden from you.
In the code, I see a lot of settings are suppressed, similar to how that one was grayed out too.

Fan control I’ve already showed you where that is, two different sections with similar functions (depending on which method you enable/use, those will be applied).
These are the only options in this BIOS for fan/temp control, aside from other power related/performance type options that can affect CPU speed+Power draw thus temps

On the memory, I’m sure you noticed, but in case not, you can also set “Custom” instead of XMP, and then set whatever you want for speed, timings, voltages etc
Most laptops with DDR4 can do speeds like this, if their CPU supports it, and BIOS is modified (and not gimped by manufacturer at the hidden settings)

That does not look right in the FPT write operation, for two reasons, but at least we don’t see any deny of flash or error when flash proceed (ie unlocks all good!). The ME disable message doesn’t look good, and it doesn’t look like it wrote much for the actual writes it did (but may be due to same contents already on flash).
This leads me to wonder, if your ME FW is corrupted, or disabled/damaged? Did you disable it? If not, please run this from MEInfo folder and show me output >> MEInfoWin.exe -verbose

And then test this command, but be ready to recover with programmer! Show me outcome before you reboot, I mean the process/feedback it gives you as it write like you did above.
FPTw.exe -rewrite -f SPI.BIN

After you take the screenshot from the above, close anything you are working on and save the above image, then run the following
System should automatically reboot, if not, shut down, remove PSU cable, remove main battery, press and hold case power on button for 10 seconds, then let sit for 1+ minute without power. This will reset the ME FW state, if it’s not disabled or corrupted
FPTw.exe -greset

You may need to reprogram with flash programmer after the above -rewrite, if you do not, then all is OK as far as FPT usage is concerned, we’ll fix the ME FW if necessary and then you can put system back together.
If you didn’t have to recover, then once you reboot back into windows from the -greset reboot, make another MEInfoWin.exe -verbose image for me too (If it’s exact same as first, just post one and tell me both = same)

Hi @Lost_N_BIOS

1. Yes I’d like to have 100% unlocked bios. It’s not a problem for me to take photos of each section screen in the bios and send to you if you are ever going to compare it
Or probably I can do something myself? For example, I can try to change every setting and check that there are no greyed out ones, is that the correct approach?
Please let me know which way you prefer

2. Regarding FPT, no I didn’t disable ME and I don’t even know what it is. Also it said that GbE region does not exist, do I need it too?

Hey @Lost_N_BIOS
I survived after a -greset

2.1. I ran Meinfowin -verbose and got the following


 
Intel (R) MEInfo Version: 12.0.40.1433
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.
 
LPC Device Id: A30D.
Platform: Cannonlake Platform
 
Windows OS Version : 10.0
 
FW Status Register1: 0x90000245
FW Status Register2: 0x00F10506
FW Status Register3: 0x00000020
FW Status Register4: 0x00004004
FW Status Register5: 0x00000000
FW Status Register6: 0xC0000000
CurrentState: Normal
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: CM0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
SPI Flash Log: Present
Phase: ROM/Preboot
ME File System Corrupted: No
PhaseStatus: UNKNOWN
FPF and ME Config Status: Committed
FW Capabilities value is 0x31119140
Feature enablement is 0x31119140
Platform type is 0x71000391
Intel(R) ME code versions:

Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
BIOS Version V1.06
Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
Table Type 0 ( 0x 00 ) found, size of 57 (0x 39 ) bytes
Table Type 1 ( 0x 01 ) found, size of 129 (0x 81 ) bytes
Table Type 2 ( 0x 02 ) found, size of 117 (0x 75 ) bytes
Table Type 3 ( 0x 03 ) found, size of 91 (0x 5B ) bytes
Table Type 4 ( 0x 04 ) found, size of 185 (0x B9 ) bytes
Table Type 7 ( 0x 07 ) found, size of 37 (0x 25 ) bytes
Table Type 10 ( 0x 0A ) found, size of 66 (0x 42 ) bytes
Table Type 11 ( 0x 0B ) found, size of 82 (0x 52 ) bytes
Table Type 12 ( 0x 0C ) found, size of 96 (0x 60 ) bytes
Table Type 14 ( 0x 0E ) found, size of 14 (0x 0E ) bytes
Table Type 16 ( 0x 10 ) found, size of 25 (0x 19 ) bytes
Table Type 17 ( 0x 11 ) found, size of 113 (0x 71 ) bytes
Table Type 19 ( 0x 13 ) found, size of 33 (0x 21 ) bytes
Table Type 20 ( 0x 14 ) found, size of 37 (0x 25 ) bytes
MEBx Version 0.0.0.0000
GbE Version Unknown
Descriptor Version 1.0
Vendor ID 8086
FW Version 12.0.31.1416 H Consumer
LMS Version Not Available
MEI Driver Version 1914.12.0.1256

PMC FW Version 300.2.11.1020

PCH Information
PCH Version 10
PCH Device ID A30D
PCH Step Data B2
PCH SKU Type Production PRQ Revenue
PCH Replacement Counter 0
PCH Replacement State Disabled
PCH Unlocked State Disabled

FW Capabilities 0x31119140

Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - NOT PRESENT
Intel(R) Platform Trust Technology - PRESENT/ENABLED
Persistent RTC and Memory - PRESENT/ENABLED


Capability Licensing Service Enabled
End of Manufacturing Enable Yes
Local FWUpdate Enabled
OEM ID 00000000-0000-0000-0000-000000000000
Integrated Sensor Hub Initial Power State Disabled
Intel(R) PTT Supported Yes
Intel(R) PTT initial power-up state Enabled
OEM Tag 0x00
PAVP Supported Yes
Post Manufacturing NVAR Config Enabled Yes
TLS Disabled

FW Type Production
Last ME reset reason Global system reset
BIOS Config Lock Enabled
GbE Config Lock Enabled
Host Read Access to ME Enabled
Host Write Access to ME Enabled
Host Read Access to EC Enabled
Host Write Access to EC Enabled
Protected Range Register Base #0 0x0
Protected Range Register Limit #0 0x0
Protected Range Register Base #1 0x0
Protected Range Register Limit #1 0x0
Protected Range Register Base #2 0x0
Protected Range Register Limit #2 0x0
Protected Range Register Base #3 0x0
Protected Range Register Limit #3 0x0
Protected Range Register Base #4 0x0
Protected Range Register Limit #4 0x0
SPI Flash ID 1 EF4018
SPI Flash ID 2 Not Available
BIOS boot State Post Boot
Slot 1 Board Manufacturer 0x00000000
Slot 2 System Assembler 0x00000000
Slot 3 Reserved 0x00000000
M3 Autotest Disabled
EPID Group ID 0x28CC
Keybox Not Provisioned
Minimum Allowed Anti Rollback SVN 1
Image Anti Rollback SVN 5
Trusted Computing Base SVN 1
Re-key needed False
HW Binding Enabled


FPF UEP ME FW
*In Use
--- --- -----
Enforcement Policy 0x00 0x00 0x00
EK Revoke State Not Revoked Not Revoked Not Revoked # Not Revoked=0, Revoked=1
PTT Enabled Enabled Enabled # Disabled=0, Enabled=1
OEM ID 0x00 0x00 0x00
OEM Key Manifest Present Not Present Not Present Not Present # Not Present=0, Present=1
OEM Platform ID 0x00 0x00 0x00
OEM Secure Boot Policy 0x00 0x00 0x00
CPU Debugging Enabled Enabled Enabled # Enabled=0, Disabled=1
BSP Initialization Enabled Enabled Enabled # Enabled=0, Disabled=1
Protect BIOS Environment Disabled Disabled Disabled # Disabled=0, Enabled=1
Measured Boot Disabled Disabled Disabled # Disabled=0, Enabled=1
Verified Boot Disabled Disabled Disabled # Disabled=0, Enabled=1
Key Manifest ID 0x00 0x00 0x00
Persistent PRTC Backup Power Enabled Enabled Enabled # Enabled=0, Disabled=1
RPMB Migration Done Disabled Disabled Disabled # Disabled=0, Enabled=1
SOC Config Lock Done Not Done Done # Not Done=0, Done=1
SPI Boot Source Enabled Enabled Enabled # Enabled=0, Disabled=1
TXT Supported Enabled Enabled Enabled # Disabled=0, Enabled=1
 
ACM SVN FPF 0x00
BSMM SVN FPF 0x00
KM SVN FPF 0x00
OEM Public Key Hash FPF 0000000000000000000000000000000000000000000000000000000000000000
OEM Public Key Hash UEP 0000000000000000000000000000000000000000000000000000000000000000
OEM Public Key Hash ME FW 0000000000000000000000000000000000000000000000000000000000000000
PTT Lockout Override Counter FPF 0x05
 
 


2.2 I ran FPTW -rewrite -f SPI.bin and got this one

2.3 Then I issued command FPTW -greset, system rebooted in a few seconds so I couldn't even make a photo

2.4 It's up just fine and then I ran MEinfowin -verbose again

 
Intel (R) MEInfo Version: 12.0.40.1433
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.
 
LPC Device Id: A30D.
Platform: Cannonlake Platform
 
Windows OS Version : 10.0
 
FW Status Register1: 0x90000245
FW Status Register2: 0x02F10506
FW Status Register3: 0x00000020
FW Status Register4: 0x00004004
FW Status Register5: 0x00000000
FW Status Register6: 0xC0000000
CurrentState: Normal
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: CM0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
SPI Flash Log: Present
Phase: ROM/Preboot
ME File System Corrupted: No
PhaseStatus: UNKNOWN
FPF and ME Config Status: Committed
FW Capabilities value is 0x31119140
Feature enablement is 0x31119140
Platform type is 0x71000391
Intel(R) ME code versions:

Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
BIOS Version V1.06
Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
Table Type 0 ( 0x 00 ) found, size of 57 (0x 39 ) bytes
Table Type 1 ( 0x 01 ) found, size of 129 (0x 81 ) bytes
Table Type 2 ( 0x 02 ) found, size of 117 (0x 75 ) bytes
Table Type 3 ( 0x 03 ) found, size of 91 (0x 5B ) bytes
Table Type 4 ( 0x 04 ) found, size of 185 (0x B9 ) bytes
Table Type 7 ( 0x 07 ) found, size of 37 (0x 25 ) bytes
Table Type 10 ( 0x 0A ) found, size of 66 (0x 42 ) bytes
Table Type 11 ( 0x 0B ) found, size of 82 (0x 52 ) bytes
Table Type 12 ( 0x 0C ) found, size of 96 (0x 60 ) bytes
Table Type 14 ( 0x 0E ) found, size of 14 (0x 0E ) bytes
Table Type 16 ( 0x 10 ) found, size of 25 (0x 19 ) bytes
Table Type 17 ( 0x 11 ) found, size of 113 (0x 71 ) bytes
Table Type 19 ( 0x 13 ) found, size of 33 (0x 21 ) bytes
Table Type 20 ( 0x 14 ) found, size of 37 (0x 25 ) bytes
MEBx Version 0.0.0.0000
GbE Version Unknown
Descriptor Version 1.0
Vendor ID 8086
FW Version 12.0.31.1416 H Consumer
LMS Version Not Available
MEI Driver Version 1914.12.0.1256

PMC FW Version 300.2.11.1020

PCH Information
PCH Version 10
PCH Device ID A30D
PCH Step Data B2
PCH SKU Type Production PRQ Revenue
PCH Replacement Counter 0
PCH Replacement State Disabled
PCH Unlocked State Disabled

FW Capabilities 0x31119140

Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - NOT PRESENT
Intel(R) Platform Trust Technology - PRESENT/ENABLED
Persistent RTC and Memory - PRESENT/ENABLED


Capability Licensing Service Enabled
End of Manufacturing Enable Yes
Local FWUpdate Enabled
OEM ID 00000000-0000-0000-0000-000000000000
Integrated Sensor Hub Initial Power State Disabled
Intel(R) PTT Supported Yes
Intel(R) PTT initial power-up state Enabled
OEM Tag 0x00
PAVP Supported Yes
Post Manufacturing NVAR Config Enabled Yes
TLS Disabled

FW Type Production
Last ME reset reason Global system reset
BIOS Config Lock Enabled
GbE Config Lock Enabled
Host Read Access to ME Enabled
Host Write Access to ME Enabled
Host Read Access to EC Enabled
Host Write Access to EC Enabled
Protected Range Register Base #0 0x0
Protected Range Register Limit #0 0x0
Protected Range Register Base #1 0x0
Protected Range Register Limit #1 0x0
Protected Range Register Base #2 0x0
Protected Range Register Limit #2 0x0
Protected Range Register Base #3 0x0
Protected Range Register Limit #3 0x0
Protected Range Register Base #4 0x0
Protected Range Register Limit #4 0x0
SPI Flash ID 1 EF4018
SPI Flash ID 2 Not Available
BIOS boot State Post Boot
Slot 1 Board Manufacturer 0x00000000
Slot 2 System Assembler 0x00000000
Slot 3 Reserved 0x00000000
M3 Autotest Disabled
EPID Group ID 0x28CC
Keybox Not Provisioned
Minimum Allowed Anti Rollback SVN 1
Image Anti Rollback SVN 5
Trusted Computing Base SVN 1
Re-key needed False
HW Binding Enabled


FPF UEP ME FW
*In Use
--- --- -----
Enforcement Policy 0x00 0x00 0x00
EK Revoke State Not Revoked Not Revoked Not Revoked # Not Revoked=0, Revoked=1
PTT Enabled Enabled Enabled # Disabled=0, Enabled=1
OEM ID 0x00 0x00 0x00
OEM Key Manifest Present Not Present Not Present Not Present # Not Present=0, Present=1
OEM Platform ID 0x00 0x00 0x00
OEM Secure Boot Policy 0x00 0x00 0x00
CPU Debugging Enabled Enabled Enabled # Enabled=0, Disabled=1
BSP Initialization Enabled Enabled Enabled # Enabled=0, Disabled=1
Protect BIOS Environment Disabled Disabled Disabled # Disabled=0, Enabled=1
Measured Boot Disabled Disabled Disabled # Disabled=0, Enabled=1
Verified Boot Disabled Disabled Disabled # Disabled=0, Enabled=1
Key Manifest ID 0x00 0x00 0x00
Persistent PRTC Backup Power Enabled Enabled Enabled # Enabled=0, Disabled=1
RPMB Migration Done Disabled Disabled Disabled # Disabled=0, Enabled=1
SOC Config Lock Done Not Done Done # Not Done=0, Done=1
SPI Boot Source Enabled Enabled Enabled # Enabled=0, Disabled=1
TXT Supported Enabled Enabled Enabled # Disabled=0, Enabled=1
 
ACM SVN FPF 0x00
BSMM SVN FPF 0x00
KM SVN FPF 0x00
OEM Public Key Hash FPF 0000000000000000000000000000000000000000000000000000000000000000
OEM Public Key Hash UEP 0000000000000000000000000000000000000000000000000000000000000000
OEM Public Key Hash ME FW 0000000000000000000000000000000000000000000000000000000000000000
PTT Lockout Override Counter FPF 0x05
 
 


The difference between -verbose before and after is only this



2.5 But then I ran fptw -d and fptw -f again and again it says that ME disabled

It's not good, right?

3. I also have another question, we are unlocking bios and making it accessible from command prompt, right? From the view of IT security, malware threats and unattended access of other users, how safe is it? Can I make my system really secure, like enable security boot, set supervisor password in bios? But then it means I need an option to prohibit access to bios from OS, so it is opposite to what we do

@Hyppo - #1 - yes, I would compare and unlock it all, once you send images to me, of course I would - I asked for the images for that reason, why wouldn’t I?
Yes, some settings will be hidden or possibly grayed out, until something above them is enabled, but those should be very few. If you find those, you can let me know which control that, and what they make visible, then I can do any still missing.
But again, that’s not going to be very many things setup like that. Now, once I ungray something, then you may have more that do this, like the Overclock option, but when I ungray something I’ll probably unlock everything tied to it at same ungray edit.

#2. - OK, I will fix ME FW then! GbE is Intel Gigabit Internet, it’s a BIOS module, some BIOS do not have this, so that can be ignored (PDR messages too)

Let me ask Plutomaniac if he knows why from your MEInfo report above, why FPT would say that ME Disabled image, but I assume it just needs ME FW updated and reset which I’ll do right now anyway while we wait on his reply, and then if he says something different than that needs done we can do next.
For now though, all this proves we’ve got all your locks removed, and can now move forward always with FPT instead of programmer, so you can redo your paste and put system back together now. Just don’t flash in any early mod BIOS before I removed all locks, or stock BIOS, and it will all remain unlocked.

#3 - The locks I removed allow FPT use from DOS or windows. It’s fine, unless you think someone is going to physically sit in front of your computer and install a virus from USB Stick.
BIOS password only helps with the above mention situation too, no need for that unless you want to lock out your wife or room mate etc from changing your BIOS settings
Yes, you can enable secure boot if you want, that may require you to reinstall your OS, and the BIOS and or your hardware may not support it either (I’ve not looked at that)
The main thing these allow is BIOS flashing by someone sitting at your computer, if you don’t have to worry about that, then you don’t need these enabled.

New BIOS coming shortly with fixed, updated ME FW

Plutomaniac - can you please check above FPT image vs the MEInfo report, and maybe tell me why FPT says "Warning - Unable to detect ME Disabled"
I plan to redo/UPD the ME FW, but just in case this carries on past that, I wanted to know if you can spot why this is in the report or from past experience, in case it carries over so I can fix if need be.

* Edit 2 - @Hyppo - here is BIOS with all previous changes + ME FW fixed - http://s000.tinyupload.com/index.php?fil…719575951890072

Flash it like this >> FPTw.exe -f FVM2.bin
Then, before reboot >> FPTw.exe -greset

Then, enter BIOS, load optimized and save/exit, reboot back to BIOS and make all changes you need.
After that, boot to windows, and test again this >> FPTw.exe -f FVM2.bin

On that last flash, do you get same “ME Disabled” message? If yes, please provide new MEInfoWin.exe -verbose log for plutomaniac to inspect.

@Lost_N_BIOS

So I did FPTw.exe -f FVM2.bin



then -greset, system rebooted automatically, then loaded bios setup defaults and then booted to Windows
but the message was still there

And verbose showed the following

 
Intel (R) MEInfo Version: 12.0.40.1433
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.
 
LPC Device Id: A30D.
Platform: Cannonlake Platform
 
Windows OS Version : 10.0
 
FW Status Register1: 0x90132044
FW Status Register2: 0x348A0040
FW Status Register3: 0x00000020
FW Status Register4: 0x00000004
FW Status Register5: 0x00000000
FW Status Register6: 0x40000000
CurrentState: Disabled
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: CM0 with UMA
InitComplete: Initializing
BUPLoadState: Success
ErrorCode: Disabled
ModeOfOperation: Temporary Disable mode
SPI Flash Log: Present
Phase: BringUp
ME File System Corrupted: Yes
PhaseStatus: HECI_LINK_RESET_DONE
FPF and ME Config Status: Committed
 
Error 198: ME disabled.
 
 


But after that I decided to reboot and then ran FPTw.exe -f FVM2.bin again, then rebooted, and now those commands are not working



and verbose is

 
c:\yy\WIN32>meinfowin -verbose
Intel (R) MEInfo Version: 12.0.40.1433
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.
 
LPC Device Id: A30D.
Platform: Cannonlake Platform
 
Windows OS Version : 10.0
 
Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
Table Type 0 ( 0x 00 ) found, size of 57 (0x 39 ) bytes
Table Type 1 ( 0x 01 ) found, size of 129 (0x 81 ) bytes
Table Type 2 ( 0x 02 ) found, size of 117 (0x 75 ) bytes
Table Type 3 ( 0x 03 ) found, size of 91 (0x 5B ) bytes
Table Type 4 ( 0x 04 ) found, size of 185 (0x B9 ) bytes
Table Type 7 ( 0x 07 ) found, size of 37 (0x 25 ) bytes
Table Type 10 ( 0x 0A ) found, size of 66 (0x 42 ) bytes
Table Type 11 ( 0x 0B ) found, size of 82 (0x 52 ) bytes
Table Type 12 ( 0x 0C ) found, size of 96 (0x 60 ) bytes
Table Type 14 ( 0x 0E ) found, size of 14 (0x 0E ) bytes
Table Type 0 ( 0x 00 ) found, size of 57 (0x 39 ) bytes
Table Type 1 ( 0x 01 ) found, size of 129 (0x 81 ) bytes
Table Type 2 ( 0x 02 ) found, size of 117 (0x 75 ) bytes
Table Type 3 ( 0x 03 ) found, size of 91 (0x 5B ) bytes
Table Type 4 ( 0x 04 ) found, size of 185 (0x B9 ) bytes
Table Type 7 ( 0x 07 ) found, size of 37 (0x 25 ) bytes
Table Type 10 ( 0x 0A ) found, size of 66 (0x 42 ) bytes
Table Type 11 ( 0x 0B ) found, size of 82 (0x 52 ) bytes
Table Type 12 ( 0x 0C ) found, size of 96 (0x 60 ) bytes
Table Type 14 ( 0x 0E ) found, size of 14 (0x 0E ) bytes
Table Type 16 ( 0x 10 ) found, size of 25 (0x 19 ) bytes
Table Type 17 ( 0x 11 ) found, size of 113 (0x 71 ) bytes
Table Type 19 ( 0x 13 ) found, size of 33 (0x 21 ) bytes
Table Type 20 ( 0x 14 ) found, size of 37 (0x 25 ) bytes
Table Type 131 ( 0x 83 ) found, size of 66 (0x 42 ) bytes
Table Type 170 ( 0x AA ) found, size of 84 (0x 54 ) bytes
Table Type 171 ( 0x AB ) found, size of 46 (0x 2E ) bytes
Table Type 172 ( 0x AC ) found, size of 41 (0x 29 ) bytes
Table Type 173 ( 0x AD ) found, size of 11 (0x 0B ) bytes
Table Type 219 ( 0x DB ) found, size of 127 (0x 7F ) bytes
Assertion failed: 0, file ..\..\..\common\utils\sm_bios_parser.c, line 1054
 


Tried -greset but it doesn't work either, with error Getsystemfirmwaretable failed

Flash back in last previous BIOS I sent you (ie Post #10) >> FPTw.exe -rewrite -f lastbiosIsent.bin
Then >> FPTw.exe -greset
Then load optimized, reboot, settings you need, windows.

And then wait. We need to have plutomaniac’s input about this ME Disabled thing, since ME isn’t and shouldn’t be disabled in the first place, so there is some issue I don’t see and it carried over when I updated the ME FW too (So that was no help)

Plutomaniac - Can you please check my question at post #14 when time permits, BIOS being used and in question there is at post #10
I tried to update ME FW to resolve the issue, it seems from above post that it carried over anyway, so asked him to flash back to BIOS in post #10

Thanks

Did it, flashed bios from post 10 using FPTW and it’s all ok and verbose is working again

I’m on vacation, I can’t check. Ignore that message if you can re-flash, not important.

Plutomaniac - thanks! Yes, all is OK and system is working/flashable before and after issue, but seems I can’t update his ME FW via the guide, and that message is there before/after/always, so there is some issue.
This was only reason to update ME, to try and get that message gone, seems like ME messed up somehow

When you get back in from vacation, let me know and I’ll try to remind you to check this if you forget. In meantime, looks like we wait for now because I can’t see the issue.

@Lost_N_BIOS
So that bios from post 10 is fine?
It has unlocked advanced menu, enabled overclock setting, unlocked FD/FPRR and the only thing uncertain is the message about ME? Probably it’s just a message and maybe I don’t even need this ME at all
So I can proceed with final assembling of laptop and apply proper thermopaste, correct?
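
An added example, not part of the thread: a small Python script that reads MEInfo -verbose text in the flattened layout it has on this page, reports which "Key: Value" fields changed between two runs, and lists the fields that bear on point 3 (write access to the flash from the OS). The function names and the trimmed sample reports are constructed for this example; the field names and values are the ones quoted in the reports above.

```python
import re

# Constructed samples: a few lines per report, using the values posted above.
REPORT_BEFORE = """\
FW Status Register1: 0x90000245
FW Status Register2: 0x00F10506
CurrentState: Normal
ModeOfOperation: Normal
ME File System Corrupted: No
Host Write Access to ME Enabled
Host Write Access to EC Enabled
Protected Range Register Base #0 0x0
Protected Range Register Limit #0 0x0
Protected Range Register Base #1 0x0
Protected Range Register Limit #1 0x0
Measured Boot Disabled Disabled Disabled # Disabled=0, Enabled=1
Verified Boot Disabled Disabled Disabled # Disabled=0, Enabled=1
"""
REPORT_AFTER = REPORT_BEFORE.replace("0x00F10506", "0x02F10506")
REPORT_ME_DOWN = """\
FW Status Register1: 0x90132044
FW Status Register2: 0x348A0040
CurrentState: Disabled
ModeOfOperation: Temporary Disable mode
ME File System Corrupted: Yes
Error 198: ME disabled.
"""


def parse_status(text):
    """Return {key: value} for every 'Key: Value' line of a report."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^([^:#]+?):\s+(.+)$", line.strip())
        if m:
            fields[m.group(1)] = m.group(2).strip()
    return fields


def diff_reports(before, after):
    """Return {key: (old, new)} for 'Key: Value' fields that differ."""
    a, b = parse_status(before), parse_status(after)
    return {k: (a.get(k), b.get(k))
            for k in sorted(set(a) | set(b)) if a.get(k) != b.get(k)}


def me_health(text):
    """List status fields that show the ME is not in its normal state."""
    s = parse_status(text)
    problems = []
    if s.get("CurrentState", "Normal") != "Normal":
        problems.append("CurrentState is " + s["CurrentState"])
    if s.get("ModeOfOperation", "Normal") != "Normal":
        problems.append("ModeOfOperation is " + s["ModeOfOperation"])
    if s.get("ME File System Corrupted") == "Yes":
        problems.append("ME file system reported corrupted")
    return problems


def flash_protection_findings(text):
    """List report fields showing that flash write protection is off."""
    findings = []
    prr = re.findall(
        r"Protected Range Register (Base|Limit) #(\d+) (0x[0-9A-Fa-f]+)", text)
    if prr and all(int(value, 16) == 0 for _, _, value in prr):
        findings.append("all Protected Range Registers are 0x0")
    for region in ("ME", "EC"):
        if re.search(rf"^Host Write Access to {region}\s+Enabled\s*$",
                     text, re.M):
            findings.append(f"Host Write Access to {region} is Enabled")
    # Rows of the FPF / UEP / ME FW table: one state per column, then a comment.
    for feature in ("Measured Boot", "Verified Boot"):
        m = re.search(rf"^{feature}\s+(.*?)\s*(?:#.*)?$", text, re.M)
        if m:
            columns = re.findall(r"Enabled|Disabled", m.group(1))
            if columns and all(c == "Disabled" for c in columns):
                findings.append(f"{feature} is Disabled in every column")
    return findings


if __name__ == "__main__":
    print("changed fields:", diff_reports(REPORT_BEFORE, REPORT_AFTER))
    print("ME health     :", me_health(REPORT_ME_DOWN))
    for finding in flash_protection_findings(REPORT_BEFORE):
        print("finding       :", finding)
```

Saving the real MEInfoWin.exe -verbose output to text files before and after a flash and passing their contents to these functions gives the same comparison the screenshots were used for.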