How to Use EfiGuard to Disable PatchGuard

Here is a cool video demonstrating how to use EfiGuard: https://www.youtube.com/watch?v=EJGuJp2fqpM. This post will condense the information into a non-video format, and is explicitly for vmware VMs.

mountvol M: /S
cd M:\EFI\Boot
copy C:\EfiGuard-v1.2.1\EFI\Boot\Loader.efi .
copy C:\EfiGuard-v1.2.1\EFI\Boot\EfiGuardDxe.efi .

The mountvol command with the /S flag mounts the EFI System Partition on the M:\ drive. We then copy the specified EfiGuard files into the system partition.

Now we need to configure the bios to booth EfiGuard. Reboot the vm and when the vmware splash screen is showing keep pressing Escape and F2, to get into the BIOS, then go to the setup:

Then go to Configure boot options:

Then go to Add boot option:

Select the entry that says GPT and hit enter

Go Into EFI

Then into Boot

Select Loader.efi which is one of the files we copied into this partition

Give the entry a name and commit the changes

Optionally, go to Change boot order and move the efiguard entry to the top, else, you will have to manually select it on each reboot.

Boot into efiguard

Open an admin prompt and run the following command

EfiDSEFix.exe -d

Now patchguard has been disabled.