Question Windows Secured Boot

Toggle sidebar Toggle sidebar
L

lvaughn3

Dec 16, 2021
3
0
10
I have replaced all of the major hardware in my system with new . New ASUS Motherboard, New Intel I5 cpu , new Graphics card , already had a SSD hard drive but Motherboard allowed for M2 hard drive so added that as well. I cannot install Windows 11 because of secured boot error. motherboard will not allow turning off CSM secured boot. Any suggestions?

The hardware is as follows:
original hard drive with system installed SSD PNY CS1311 480 gb
CPU: 11gen Intel Core i5
Motherboard: ASUS B560-A
Graphic Card: NVIDIA GEFORCE GTX 1050 Ti
 
Last edited:
Sort by date Sort by votes
windows 11 needs secure boot, but you can disable tom check and secure boot check by this command file ... go to notepad and type this command



Code: 
@(set "0=%~f0"^)#) & powershell -nop -c iex([io.file]::ReadAllText($env:0)) & exit/b
#:: double-click to run or just copy-paste into powershell - it's a standalone hybrid script
#:: v5 of the toggle script uses programdata instead of system32, no longer deletes appraiserres.dll, and clears bypass folder
#:: uses IFEO to attach to Virtual Disk Service Loader process running during setup, then creates a bypass dir
#:: it must also do some ping-pong renaming of vdsldr in programdata
#:: you probably don't need to have it installed at all times - just when doing feature updates or manual setup within windows
#:: hence the on off toggle just by running the script again
#:: can get 11 release beta or dev builds via Windows Update after using OfflineInsiderEnroll by whatever127 and abbodi1406

$_Paste_in_Powershell = {
  $N = "Skip TPM Check on Dynamic Update"; $X = @("' $N (c) AveYo 2021 : v4 IFEO-based with no flashing cmd window")
  $X+= 'C = "cmd /q AveYo /d/x/r pushd %systemdrive%\\$windows.~bt\\Sources\\Panther && mkdir Appraiser_Data.ini\\AveYo&"'
  $X+= 'M = "pushd %allusersprofile%& ren vd.exe vdsldr.exe &robocopy ""%systemroot%/system32/"" ""./"" ""vdsldr.exe""&"'
  $X+= 'D = "ren vdsldr.exe vd.exe& start vd.exe -Embedding" : CreateObject("WScript.Shell").Run C & M & D, 0, False'   
  $K = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vdsldr.exe'
  $P = [Environment]::GetFolderPath('CommonApplicationData'); $F = join-path $P '11tpm.vbs'; $V = "wscript $F //B //T:5"
  if (test-path $K) {
    remove-item $K -force -ea 0 >''; del $F -force -ea 0; del (join-path $P 'vd.exe') -force -ea 0
    write-host -fore 0xf -back 0xd "`n $N v4 [REMOVED] run again to install "
  } else {
    new-item $K -force -ea 0 >''; set-itemproperty $K 'Debugger' $V -force -ea 0; [io.file]::WriteAllText($F, $X-join"`r`n")
    write-host -fore 0xf -back 0x2 "`n $N v4 [INSTALLED] run again to remove "
  } ;  rmdir $([Environment]::SystemDirectory[0]+':\\$Windows.~BT\\Sources\\Panther') -rec -force -ea 0; timeout /t 5
} ; start powershell -args "-nop -c & {`n`n$($_Paste_in_Powershell-replace'"','\"')}" -verb runas
$_Press_Enter
#::






AFter that rename it as "bypass secure boot + tpm check.cmd" (without quotes)
and then run it as ADMINISTRATOR and then... viola you are good to go

(i thought about you question but i didnt understand it well, i posted the above thinking that you can not install win 11 bcz of the secure boot check) if this is not what you wanted pls reply again specifying the probe :)
 
Upvote 0 Downvote
@lvaughn3

Do not run any code as suggested in Post #2 above.

The code is making registry edits and such editing is and should be a very last resort. And, full disclosure, the code is doing other things that I am not at all sure about.

Update your post to include full system hardware specs: make and model information for all components.

For the most part, provided that I correctly understand your post, it appears you installed an boot SSD from another computer.

Doing so is quite problematic and unlikely to work.

What you most likely need to do is a clean Windows install.

https://forums.tomshardware.com/faq/windows-10-clean-install-tutorial.3170366/

But before that: update your post.
 
Upvote 0 Downvote
I have no way to test or otherwise verify your code.

And this line:

"#:: can get 11 release beta or dev builds via Windows Update after using OfflineInsiderEnroll by whatever127 and abbodi1406"

OfflineInsiderEnroll:

https://github.com/abbodi1406/offlineinsiderenroll

From the link:

"This script takes advantage of undocumented TestFlags registry value. If this value is set to 0x20, all access to online Windows Insider services gets disabled. Because of this, we can set our own Windows Insider Preview configuration without being overriden by the contact to the service. Since Windows Update does not check if machine is actually enrolled to the program, you will get offered Insider Preview builds by just setting correct values in the registry. "

What works in Beta, etc. may not work in a final release.

@lvaughn3 will need to decide what to do next.

If interested in your code then he or she is free to experiment and to respond accordingly.

However, my recommendation is to do a clean Windows 10 install.

There is really no driving need to install Windows 11. Plus any workarounds etc. may become moot with some future change or update to Windows 11.

And then cause more problems....

Overall, Windows 10 should be good for quite awhile longer.

There may be other ideas and suggestions offered. I have no problem with that.
 
Upvote 0 Downvote
Ralston18 said:
@lvaughn3

Do not run any code as suggested in Post #2 above.

The code is making registry edits and such editing is and should be a very last resort. And, full disclosure, the code is doing other things that I am not at all sure about.

Update your post to include full system hardware specs: make and model information for all components.

For the most part, provided that I correctly understand your post, it appears you installed an boot SSD from another computer.

Doing so is quite problematic and unlikely to work.

What you most likely need to do is a clean Windows install.

https://forums.tomshardware.com/faq/windows-10-clean-install-tutorial.3170366/

But before that: update your post.
Click to expand...
I have update the system info. thanks for looking at this
 
Upvote 0 Downvote
Yes check TPM by going to win+r > tpm.msc and then the management console will open... then check your tpm by going to the status section and it will say weather u have tpm 2.0 or lower... (you must have tpm 2.0 to install win 11, unless you use my code mentioned above :) )
------------------------------------------------------------------------------

...
 
Last edited by a moderator:
Upvote 0 Downvote
Colif said:
MB doesn't need a tpm chip, its a new MB, it has the ppt function which is software tpm.
it runs the tpm function off the CPU
it has tpm 2.0 so it doesn't need to bypass anything in windows 11. Code not needed.
Click to expand...
I did read about TPM 2.0 in the manual. Any idea why I cannot set up UEFI SecureBoot when I disable CSM secure Boot it will not proceed pass the BIOs screen
 
Upvote 0 Downvote
lvaughn3 said:
I did read about TPM 2.0 in the manual. Any idea why I cannot set up UEFI SecureBoot when I disable CSM secure Boot it will not proceed pass the BIOs screen
Click to expand...
im having a similar issue, but with an amd gpu instead, i believe this a hardware or vbios or rom issue form the gpu, i cant run any system in ufei bios mode with my gpu, even tho the GPU-Z confirms its stock bios, and ufei section is checked, and even my Windows is in ufei mode, but i cant run the gpu under ufei mode, only works in csm mode, it seems like its missing gop drivers or something, it beeps when you try to post with ufei mode
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom