Look in the screenshot, says HVCI disabled. I disabled secureboot. That shuts down HVCI. Its installed as an optional feature, but not active... windows system information and hwinfo both say disabled. I'll disable everything regardless when I have the time just to confirm what actually happens.Are you sure Hyper-V is completely disabled? Sometimes even after disabling HVCI, Hyper-V can remain active. The main window of HWiNFO should tell you whether Hyper-V is active.
Appears that this turns out to not be true. Turns out Hyper-V was already disabled in optional features. So, I disabled "Windows Hypervisor Platform" instead, all device guard features via group policy, and secure boot, and the result is the same. Bcdedit hypervisorlaunchtype is also set to the default "auto". HWINFO is not listing VMX.Hyper-V can be active regardless of HVCI or Secure Boot state. Check the "Turn Windows features on or off".
Ok, but System Guard is not loading, which depends on TXT/SMX. Theoretically if the bit was disabled in the bios, windows should still load SMX? Are those features on top of SMX necessary for it to function properly? Can you name those features?Even Viewer probably means that SGX is disabled via MSR, not TXT. There are several features on top of SMX/TXT. MSR_FEATURE_CONTROL doesn't seem to be capable of disabling TXT.