Question Vendor keys modified

Toggle sidebar Toggle sidebar
N

Nokeys

Dec 7, 2024
27
0
30
EVGA Z490 dark kingpin edition

I was trying to turn on secure boot and went into key management and clicked on stuff, now my vendor keys have went from "vendor keys valid" to "vendor keys modified". I have clicked the bios reset button on the back of the mother board to no avail still remains "vendor keys modified". My first question is how bad is it for it to say vendor keys modified? is there anyway to get it to return back to vendor keys valid? Will reupdating the bios return them to" vendor keys valid" (i think its called reflashing)? context my brother is giving his pc to my mom. Would not be surpried if he had someething on there and secure boot seems like a good thing to have on before i clean install windows 10 from installation media. Is there any complications that can occur from having secure boot on then clean installing windows(is it even a good idea to have on? It is still on windows 10? Can I get a summory on what key management does? what exacly did i click to get it to go from vendor keys valid to vendor keys modified so I can avoid it in the future? Should You "Export secure boot variables" onto a usb ? What does enroll efi image does it just import your secure boot variables? Does restore facory keys and restore db defaults do the same thing? what does "remove "uefi ca" from db"do? factory key provision disabled or enabled? I know this it a lot I know but I appreciate any assistance you can provide.:)
 
Sort by date Sort by votes
USAFRet said:
What are these "keys"?


"and went into key management and clicked on stuff"
What exactly did you do, step by step?

We need a LOT more details. Parts, steps you took, OS, etc, etc, etc...
Click to expand...
im using a Evga z490 kingpinedition motherboard i9 10900kf cpu. I was in my bios went to the boot tab then security was trying to turn on secure boot clicked enabled on secure boot didn't work said something about it cant turn on because of platform keys/pk system mode said setup secure boot mode was on custom went into key management clicked a on everything trying to learn think i could just click save without changes . after that i noticed it went from on top where it was previously "vendor keys valid" it was changed to "vendor keys modified"
 
Upvote 0 Downvote
Since this system is going to someone else, what happens when you try a basic clean OS install?
Full delete of all existing partitions, then install.

How To - Windows 10 clean install tutorial

If you are looking for the Windows 11 Clean install tutorial, you can find that here: Windows 11 Clean install tutorial (Click here) Otherwise, welcome to the Windows 10 Clean install tutorial This tutorial is intended to help you, step by step, to perform a clean install of Windows...
forums.tomshardware.com forums.tomshardware.com
 
Upvote 0 Downvote
USAFRet said:
Since this system is going to someone else, what happens when you try a basic clean OS install?
Full delete of all existing partitions, then install.

How To - Windows 10 clean install tutorial

If you are looking for the Windows 11 Clean install tutorial, you can find that here: Windows 11 Clean install tutorial (Click here) Otherwise, welcome to the Windows 10 Clean install tutorial This tutorial is intended to help you, step by step, to perform a clean install of Windows...
forums.tomshardware.com forums.tomshardware.com
Click to expand...
thanks for the guide :). the usb of windows 10 has already been made.wanted to resolve the secure boot bios issue before continuing. can send pictures if needed.
 
Upvote 0 Downvote
this is from a video on youtube i have a evga z490 and this is a z390 walkthough though it does say the same thing but on mine there a additional secure boot variable called "authorized timestamps" i can get you screen shots from my pc when i get home
TuIAHW0.png
tyrU6Mc.png
pXGYz5y.png
 
Upvote 0 Downvote
Nokeys said:
this is from a video on youtube i have a evga z490 and this is a z390 walkthough though it does say the same thing but on mine there a additional secure boot variable called "authorized timestamps" i can get you screen shots from my pc when i get home
TuIAHW0.png
tyrU6Mc.png
pXGYz5y.png
Click to expand...
the problems started when i the key management tab clicked a whole bunch of stuff trying to learn what everything did and now my vendor keys says modified
 
Last edited:
Upvote 0 Downvote
COLGeek said:
Ok. Then accept when you get the notice and proceed with whatever you are trying to do.
Click to expand...
Then secure boot wont work. I'm trying to turn it on not only for security reason but for if my mom decides she wants to switch to windows 11 it will already be ready. My most important question is will reflashing the bios make the vendor keys return to valid.
 
Upvote 0 Downvote
Upvote 0 Downvote
COLGeek said:
Not exactly clear, but you can try.

Also, have you reset the BIOS manually after making these changes (motherboard jumper or battery removal method)?
Click to expand...
no. always been nervous to do that method have only tried cmos button in the back of motherboard have also tried button button inside of motherboard. If i must i will try the battery battery removal method not sure how to do the jumper method but i can try that too
 
Upvote 0 Downvote
Jumper is just what it sounds like. In spite of system features, I always use the battery method.

These are the steps (start with system powered down, of course):

1. Remove all powered connections (power cable, video cable, and powered speakers, etc).
2. Remove the motherboard battery.
3. Press the power button to discharge residual power in the system's components.
4. Wait at least a minute (not really necessary, but won't hurt either).
5. Re-install the battery and reconnect the previously removed connections.
6. Power on (system should be in default settings state now).
 
Upvote 0 Downvote
COLGeek said:
Jumper is just what it sounds like. In spite of system features, I always use the battery method.

These are the steps (start with system powered down, of course):

1. Remove all powered connections (power cable, video cable, and powered speakers, etc).
2. Remove the motherboard battery.
3. Press the power button to discharge residual power in the system's components.
4. Wait at least a minute (not really necessary, but won't hurt either).
5. Re-install the battery and reconnect the previously removed connections.
6. Power on (system should be in default settings state now).
Click to expand...
unsuccessful. worst case i do the "reflash from usb with out cpu"option do you think either of these are my issue?
https://forums.evga.com/Cannot-get-into-BIOS-m3554410.aspx - https://nvidia.custhelp.com/app/ans...nvidia-gpu-firmware-update-tool-for-displayid(found in bottom of forum)

https://www.reddit.com/r/gigabyte/comments/x3vsxe/bios_wont_turn_on_after_enabling_secureboot/. - https://www.nvidia.com/en-us/drivers/nv-uefi-update-x64/(found throughout forum)
i am using a pg32ucdm monitor with i think 1.4 display port version
 
Last edited:
Upvote 0 Downvote
Nokeys said:
unsuccessful. worst case i do the "reflash from usb with out cpu"option do you think either of these are my issue?
https://forums.evga.com/Cannot-get-into-BIOS-m3554410.aspx - https://nvidia.custhelp.com/app/ans...nvidia-gpu-firmware-update-tool-for-displayid(found in bottom of forum)

https://www.reddit.com/r/gigabyte/comments/x3vsxe/bios_wont_turn_on_after_enabling_secureboot/. - https://www.nvidia.com/en-us/drivers/nv-uefi-update-x64/(found throughout forum)
i am using a pg32ucdm monitor with i think 1.4 display port version
Click to expand...
No to all of these. Try re-flashing the BIOS as you wrote a moment ago.
 
Upvote 0 Downvote
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom