14. Enter:
to format the partition as NTFS and label it WINDOWS.
Format-Volume -FileSystem NTFS -NewFileSystemLabel "WINDOWS" -DriveLetter "W" -Force
to format the partition as NTFS and label it WINDOWS.
DriveLetter FriendlyName FileSystemType DriveType HealthStatus OperationalStatus SizeRemaining Size
----------- ------------ -------------- --------- ------------ ----------------- ------------- ----
W WINDOWS NTFS Removable Healthy OK 57.08 GB 57.17 GB
With our drive partitioned and formatted we now need to copy the system boot files.
15. Enter
To copy the system boot files for UEFI to the EFI partition.
bcdboot $env:SystemRoot /s S: /f UEFI
To copy the system boot files for UEFI to the EFI partition.
Boot files successfully created.
Notice we used the powershell environment variable $env:SystemRoom to substitue for C:\Windows.
This will work even if Windows was installed to D:\Windows or C:\Win.
16. Enter:
To switch to our system partition.
17. Enter:
16. Enter:
S:
To switch to our system partition.
17. Enter:
dirTo view a directory listing.
Directory: S:\
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 2/5/2022 1:36 PM EFI
Notice the EFI partition was created.
18. Enter:
To change to the EFI directory.
19. Enter:
18. Enter:
cd EFI
To change to the EFI directory.
19. Enter:
dirTo view a directory listing.
Directory: S:\EFI
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 2/5/2022 1:36 PM Microsoft
d----- 2/5/2022 1:36 PM Boot
Notice two directories: Boot which is the default UEFI path and Microsoft which is unique to Windows.
20. Enter:
To view the Boot directory contents.
20. Enter:
dir Boot
To view the Boot directory contents.
Directory: S:\EFI\BOOT
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 2/1/2022 3:22 PM 1559920 bootx64.efi
Notice bootx64.efi which is the default UEFI boot loader.
21. Enter:
To view the Microsoft EFI Boot directory.
21. Enter:
dir Microsoft\Boot
To view the Microsoft EFI Boot directory.
*** LANGUAGE FOLDERS OMITTED ***
d----- 2/5/2022 1:36 PM Fonts
d----- 2/5/2022 1:36 PM Resources
-a---- 10/6/2021 6:51 AM 5145 boot.stl
-a---- 2/1/2022 3:22 PM 1559920 bootmgfw.efi
-a---- 2/1/2022 3:22 PM 1542472 bootmgr.efi
-a---- 12/7/2019 1:09 AM 17720 kdnet_uart16550.dll
-a---- 10/6/2021 6:51 AM 27464 kdstub.dll
-a---- 12/7/2019 1:09 AM 31544 kd_02_10df.dll
-a---- 12/7/2019 1:09 AM 379192 kd_02_10ec.dll
-a---- 12/7/2019 1:09 AM 26424 kd_02_1137.dll
-a---- 12/7/2019 1:09 AM 239928 kd_02_14e4.dll
-a---- 12/7/2019 1:09 AM 44344 kd_02_15b3.dll
-a---- 12/7/2019 1:09 AM 44344 kd_02_1969.dll
-a---- 12/7/2019 1:09 AM 31544 kd_02_19a2.dll
-a---- 12/7/2019 1:09 AM 20280 kd_02_1af4.dll
-a---- 12/7/2019 1:09 AM 298296 kd_02_8086.dll
-a---- 12/7/2019 1:09 AM 18960 kd_07_1415.dll
-a---- 12/7/2019 1:09 AM 48952 kd_0C_8086.dll
-a---- 2/1/2022 3:22 PM 1349432 memtest.efi
-a---- 12/7/2019 1:08 AM 9796 winsipolicy.p7b
-a---- 2/5/2022 1:36 PM 20480 BCD
Notice bootmgfw.efi which is the default Boot Manager for Windows 10 has the same file size as bootx64.efi.
22. Enter:
To get a SHA256 hash of the file.
23. Enter:
To get a SHA256 hash as well.
22. Enter:
get-filehash .\Boot\bootx64.efi
To get a SHA256 hash of the file.
23. Enter:
get-filehash .\Microsoft\Boot\bootmgfw.efi
To get a SHA256 hash as well.
PS S:\EFI> get-filehash .\Boot\bootx64.efi
Algorithm Hash Path
--------- ---- ----
SHA256 46748BCAC9F362133158176E31AE1431BC9D2DAB57A65CBD9A54979C6BDE4C95 S:\EFI\Boot\bootx64.efi
PS S:\EFI> get-filehash .\Microsoft\Boot\bootmgfw.efi
Algorithm Hash Path
--------- ---- ----
SHA256 46748BCAC9F362133158176E31AE1431BC9D2DAB57A65CBD9A54979C6BDE4C95 S:\EFI\Microsoft\Boot\bootmgfw.efi
They are the same file. Windows just makes of copy of its Boot Manager and puts it in the default
\EFI\Boot\bootx64.efi file. Notice the BCD registry is also in this directory. Let's look at its contents.
24. Enter:
To view the BCD entries.
24. Enter:
bcdedit /store .\Microsoft\Boot\BCD /enum /v
To view the BCD entries.
Windows Boot Manager
--------------------
identifier {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=S:
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-us
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
default {bd73a7a0-86cb-11ec-8657-525400febabb}
resumeobject {bd73a79f-86cb-11ec-8657-525400febabb}
displayorder {bd73a7a0-86cb-11ec-8657-525400febabb}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30
Windows Boot Loader
-------------------
identifier {bd73a7a0-86cb-11ec-8657-525400febabb}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale en-us
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {bd73a79f-86cb-11ec-8657-525400febabb}
nx OptIn
bootmenupolicy Standard
Note that since we copied the configuration files from our system drive,
the Windows Boot Loader is set to the C:\Windows\system32\winload.efi path.
Let's compare this BCD registry to the one on our host system.
25. Enter:
To view the BCD entries on the host machine. Excluding the /store switch will default to loading the system BCD file.
25. Enter:
bcdedit /enum /v
To view the BCD entries on the host machine. Excluding the /store switch will default to loading the system BCD file.
Windows Boot Manager
--------------------
identifier {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale en-US
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
default {0fefbebb-83ca-11ec-b344-a67ff87d56db}
resumeobject {0fefbeba-83ca-11ec-b344-a67ff87d56db}
displayorder {0fefbebb-83ca-11ec-b344-a67ff87d56db}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30
Windows Boot Loader
-------------------
identifier {0fefbebb-83ca-11ec-b344-a67ff87d56db}
device partition=C:
path \Windows\system32\winload.exe
description Windows 10
locale en-US
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
recoverysequence {0fefbebc-83ca-11ec-b344-a67ff87d56db}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {0fefbeba-83ca-11ec-b344-a67ff87d56db}
nx OptIn
bootmenupolicy Standard
- What are the differences in this entry?
- Is this system configured to use UEFI booting or MBR?
- How can you tell?
- BONUS research question: What is bootmgr.efi used for?
It should be noted that while BCDedit allows you to change Windows Boot Loader settings, it does not allow users to change EFI NVRAM settings. Linux provides an efibootmgr utility which can edit EFI NVRAM settings directly.