I tried turning on Secure Boot in my Bios and now my PC ( Windows ) only boots to Clonezilla.

[email protected]

Troubleshooting Post-Secure Boot Activation: Restoring Your Windows Boot on an MSI Motherboard

Introduction

Enabling Secure Boot in the BIOS can enhance your system’s security by preventing unauthorized firmware, operating systems, or drivers from loading during startup. However, altering BIOS settings can sometimes lead to unexpected boot issues, especially if not carefully managed. In this guide, we explore common pitfalls encountered when enabling Secure Boot, particularly after modifying keys, and provide practical steps to resolve a scenario where a Windows system boots only into Clonezilla.

Scenario Overview

The user reports working with an MSI motherboard and attempting to activate Secure Boot to facilitate participation in the Battlefield 6 beta. During the process, they set Secure Boot to ‘Custom’ mode and enrolled factory default keys. Subsequently, their system no longer boots into Windows but defaults to Clonezilla, a disk imaging tool, indicating a potential boot configuration issue. Additional observations include a change in BIOS mode from “UEFI + Legacy” to solely “UEFI,” and some BIOS beep codes post-configuration.

Understanding the BIOS and Secure Boot Settings

Secure Boot requires UEFI mode, which helps prevent unauthorized bootloaders or operating systems from starting. When toggling Secure Boot to ‘Custom’ mode and enrolling default keys, the system’s boot configuration may change, potentially causing boot failures if Windows bootloader signatures are not trusted or properly signed.

Key Points:
– Enabling Secure Boot often requires UEFI mode—legacy support (CSM) may need to be disabled.
– Enrolling factory default keys resets the Secure Boot database but can affect OS bootability.
– BIOS beep codes can indicate hardware or configuration issues.

Troubleshooting Steps

  1. Verify BIOS Settings:
  2. Enter BIOS during system startup (usually by pressing ‘Delete’ or ‘F2’).
  3. Confirm that the boot mode is set exclusively to ‘UEFI’ (not ‘Legacy’ or ‘CSM’).
  4. Check that Secure Boot is enabled, preferably set to ‘Standard’ mode unless specific customization is needed.

  5. Review the enrolled keys: ensure that the Windows Secure Boot keys are present. If they were erased or replaced, Windows may not boot.

  6. Restore Default Secure Boot Keys:

  7. If you suspect key enrollment caused boot issues, try restoring to default keys:
    • In BIOS, locate the ‘Secure Boot’ menu.
    • Choose ‘Restore Factory Keys’ or ‘Reset to Default Keys’.

  8. Save changes and reboot.

  9. Repair

Share this content:

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *