search

Mattiwatti / EfiGuard

Disable PatchGuard and Driver Signature Enforcement at boot time
GNU General Public License v3.0
1.71k stars 329 forks source link

EfiGuard doesn't boot into windows #64

Closed adzkii-i closed 1 year ago

adzkii-i commented 1 year ago

EfiGuard doesn't boot into windows. it just sleeps on it, i waited 10mins but doesn't boot. output shows it's been patched. windows 11 UEFI. secure boot, hyper-v, hvci and tpm all disabled.

\EFI\Boot >
Loader.efi >renamed to> bootx64.efi
EfiGuardDxe.efi
Loader.config.efi

please see the video i attached.

efidsefix.exe -d 

Disabling DSE...
CI!g_CiOptions at 0xFFFFF8073BBB2004.
Failure: EFI SetVariable() did not return any data.
The EfiGuard DXE driver is either not loaded in SETVARIABLE_HOOK mode, or it is malfunctioning.
AdjustCiOptions failed: C000000E

efidsefix.exe -i

SystemBootEnvironmentInformation:
        - BootIdentifier: {a7de7471-24cd-11ed-8330-503eaa22d857}
        - FirmwareType: UEFI
        - BootFlags: 0x0

SystemModuleInformation:
        - Kernel: ntoskrnl.exe (\SystemRoot\system32\ntoskrnl.exe)

SystemCodeIntegrityInformation:
        - IntegrityOptions: 0x0B01

SystemKernelDebuggerInformation:
        - KernelDebuggerEnabled: 0
        - KernelDebuggerNotPresent: 1

SystemKernelDebuggerInformationEx:
        - DebuggerAllowed: 0
        - DebuggerEnabled: 0
        - DebuggerPresent: 0

SharedUserData->KdDebuggerEnabled: 0x00

SystemKernelDebuggerFlags: 0x00

SystemCodeIntegrityPolicyInformation:
        - Options: 0x40000000
        - HVCIOptions: 0x0000

bcdedit

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-GB
inherit                 {globalsettings}
flightsigning           Yes
default                 {current}
resumeobject            {a7de7470-24cd-11ed-8330-503eaa22d857}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 0

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 11
locale                  en-GB
inherit                 {bootloadersettings}
recoverysequence        {db8bb1c4-24cd-11ed-8331-f7c064dd9419}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
flightsigning           Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {a7de7470-24cd-11ed-8330-503eaa22d857}
nx                      OptIn
bootmenupolicy          Standard
hypervisorlaunchtype    Off

IMG_20220827_183245

https://user-images.githubusercontent.com/38789311/187042743-1f7f5c71-c3b4-4fdc-9293-9993cb073eca.mp4

adzkii-i commented 1 year ago

closing this. was able to boot after moving away from windows insider build. it's working flawless now.