search

Mattiwatti / EfiGuard

Disable PatchGuard and Driver Signature Enforcement at boot time
GNU General Public License v3.0
1.78k stars 337 forks source link

EAC error: Patched Windows boot loader detected. [Kernel Patch Protection disabled] #114

Closed dxrrk closed 8 months ago

dxrrk commented 9 months ago

Question description

Is there any way to bypass this? I am using rainbow EFI spoofer as my SSD is HWID banned on Fortnite and I want to play again but can't afford a new SSD. Without using EfiGuard alongside it, I BSOD randomly through matches using rainbow on its own. BattlEye works fine and doesn't give me any errors, allowing me to play for hours perfectly meanwhile EAC is causing me problems launching the game.

NiiightmareXD commented 9 months ago

Question description

Is there any way to bypass this? I am using rainbow EFI spoofer as my SSD is HWID banned on Fortnite and I want to play again but can't afford a new SSD. Without using EfiGuard alongside it, I BSOD randomly through matches using rainbow on its own. BattlEye works fine and doesn't give me any errors, allowing me to play for hours perfectly meanwhile EAC is causing me problems launching the game.

What is your windows version?

Mattiwatti commented 8 months ago

Sure, there's a bunch of pretty simple ways to "bypass" [sic] this:

  1. Use EfiGuard for something other than cheating in video games. I honestly find this one to work best! Because anti-cheat software does not generally like software that (intentionally or as a side effect) facilitates cheating in video games, this method tends to cause fewer issues overall. (That's where the anti in 'anti-cheat' comes from.)

  2. Stop literally stacking bootkits to enable your video game cheating as if more is better, like they're vitamin pills or booster shots for the flu. You don't even need EfiGuard to cheat in games. Its purpose is to disable PatchGuard, and the ability to disable DSE is merely provided for convenience. If you think you need to disable PatchGuard to cheat in games, you are almost definitely wrong.

    Side note: I don't know what this """rainbow""" you mention is (feel free to link any information whatsoever...), but one thing I know for sure is that I did not write it. The reason why this matters is that just because you can load a game having 'only' """rainbow""" loaded, but not EfiGuard, that does not necessarily mean that the problem is with EfiGuard. It could just as well be the other component in your cheater booster pack exposing EfiGuard's presence when it is loaded - either as a side effect of something this component does, or simply because it is poorly written software.

    • The correct order of operations to verify this would have been to: isolate EfiGuard and identify it as the cause, and not to: isolate some other completely unrelated driver, see that it now works, and then infer from this that the cause must be EfiGuard.

    Why does this matter? For one, so that you can report your issue on the repository that is actually responsible for it, meaning it is more likely to get fixed! And for two, because this might save someone time investigating a non-existent issue.

  3. Read all the way up to the third(!) release note line for the current version of EfiGuard, and realise it mentions literally this exact issue, states that this was a regression, and that it was fixed in v1.4. (Though only on Windows 11 and up - both this and the reason for this limitation are also pretty clearly mentioned.)

image (Exhibit A: an EAC-enabled game running with no issues, even though an unsigned driver was clearly loaded.)

Closing this now as I've posted no less than three methods you can use to fix your issue. (No need to follow up to inform which one you decided to go with - please understand that I do not care.)

NiiightmareXD commented 8 months ago

This is the rainbow spoofer that they were talking about:

https://github.com/SamuelTulach/rainbow

I'm not sure what it has to do with EfiGuard though.