F5F Stay Refreshed Software Operating Systems Unable to turn off security that relies on virtualization technology.

Unable to turn off security that relies on virtualization technology.

Unable to turn off security that relies on virtualization technology.

C
ChainChompz
Member
Find
187
04-23-2017, 12:19 PM
#1
Essentially, the problem began when I attempted to complete tasks in my virtual machine. Initially, I dismissed it due to lack of time, but now it's affecting my work. I'm looking for ways to turn it off for VMs, Ryzen Master, Nox, and similar applications. So far, I've tried adjusting settings in the Group Policy Manager, modifying the registry, uninstalling Hyper-V, and disabling my AMD TPM. None of these steps have resolved the issue. What's puzzling is that Windows Defender shows VBS enabled under Device Security, yet when I open the core isolation tab, the memory integrity switch is off. Turning it on triggers an error about potential incompatibility. I've followed nearly every guide available, but nothing seems to work. I'm using a Ryzen 7 1700 with MSI B350 Gaming Pro Carbon BIOS, Corsair Vengeance 32 GB at 2933 MHz, and Windows version 17763.437. Any assistance would be greatly appreciated—feel free to ask anything you need.
Reply
Reply
C
ChainChompz
04-23-2017, 12:19 PM #1

Essentially, the problem began when I attempted to complete tasks in my virtual machine. Initially, I dismissed it due to lack of time, but now it's affecting my work. I'm looking for ways to turn it off for VMs, Ryzen Master, Nox, and similar applications. So far, I've tried adjusting settings in the Group Policy Manager, modifying the registry, uninstalling Hyper-V, and disabling my AMD TPM. None of these steps have resolved the issue. What's puzzling is that Windows Defender shows VBS enabled under Device Security, yet when I open the core isolation tab, the memory integrity switch is off. Turning it on triggers an error about potential incompatibility. I've followed nearly every guide available, but nothing seems to work. I'm using a Ryzen 7 1700 with MSI B350 Gaming Pro Carbon BIOS, Corsair Vengeance 32 GB at 2933 MHz, and Windows version 17763.437. Any assistance would be greatly appreciated—feel free to ask anything you need.

Reply
Reply
G
GamerTV1
Member
Find
116
05-15-2017, 01:50 AM
#2
You're facing the same problem with loading VMs and Ryzen Master on your system. It seems to be related to the BIOS version or hardware configuration. Make sure your BIOS is up to date and try restarting your PC to see if that resolves the issue.
Reply
Reply
G
GamerTV1
05-15-2017, 01:50 AM #2

You're facing the same problem with loading VMs and Ryzen Master on your system. It seems to be related to the BIOS version or hardware configuration. Make sure your BIOS is up to date and try restarting your PC to see if that resolves the issue.

Reply
Reply
_
_7Hulk7_
Junior Member
Find
22
05-15-2017, 10:12 AM
#3
Same here guys – I’ve tried all possible solutions. Even added a registry entry that someone suggested as a perfect fix, but it didn’t help. The issue was actually in Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard DWord: EnableVirtualizationBasedSecurity set to 0. I’m about to reboot and reinstall it to check if anything improved. This is totally unrealistic because everything functioned before the upgrade.
Reply
Reply
_
_7Hulk7_
05-15-2017, 10:12 AM #3

Same here guys – I’ve tried all possible solutions. Even added a registry entry that someone suggested as a perfect fix, but it didn’t help. The issue was actually in Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard DWord: EnableVirtualizationBasedSecurity set to 0. I’m about to reboot and reinstall it to check if anything improved. This is totally unrealistic because everything functioned before the upgrade.

Reply
Reply
D
DiegoLan12
Member
Find
52
05-15-2017, 03:34 PM
#4
To ensure Ryzen Master functions, turn off virtualization in the BIOS settings. This process isn't related to Hyper-V or Windows configurations.
Reply
Reply
D
DiegoLan12
05-15-2017, 03:34 PM #4

To ensure Ryzen Master functions, turn off virtualization in the BIOS settings. This process isn't related to Hyper-V or Windows configurations.

Reply
Reply
D
DriftComboS_
Junior Member
Find
48
05-21-2017, 02:24 AM
#5
If your setup uses virtualization security with UEFI lock, you need to turn it off in the bootloader. Refer to the documentation at the provided link. Remove these registry entries: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LsaCfgFlags, HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\LsaCfgFlag, HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\EnableVirtualizationBasedSecurity, and HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\RequirePlatformSecurityFeatures. Use bcdedit to disable the features. From an elevated command prompt, execute the following commands: mountvol X: /s copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi" bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215} bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS bcdedit /set vsmlaunchtype off bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X: mountvol X: /d Disable Windows Defender Credential Guard for a virtual machine. From the host, you can also disable Windows Defender Credential Guard for a virtual machine using: Set-VMSecurity -VMName <VMName> -VirtualizationBasedSecurityOptOut $true
Reply
Reply
D
DriftComboS_
05-21-2017, 02:24 AM #5

If your setup uses virtualization security with UEFI lock, you need to turn it off in the bootloader. Refer to the documentation at the provided link. Remove these registry entries: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LsaCfgFlags, HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\LsaCfgFlag, HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\EnableVirtualizationBasedSecurity, and HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\RequirePlatformSecurityFeatures. Use bcdedit to disable the features. From an elevated command prompt, execute the following commands: mountvol X: /s copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi" bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215} bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS bcdedit /set vsmlaunchtype off bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X: mountvol X: /d Disable Windows Defender Credential Guard for a virtual machine. From the host, you can also disable Windows Defender Credential Guard for a virtual machine using: Set-VMSecurity -VMName <VMName> -VirtualizationBasedSecurityOptOut $true

Reply
Reply
T
tezer68
Member
Find
183
05-28-2017, 02:59 AM
#6
For the purpose of responding, the script from Microsoft is available at the provided link. This approach has been effective for me. Reference from the specified Stack Overflow thread.
Reply
Reply
T
tezer68
05-28-2017, 02:59 AM #6

For the purpose of responding, the script from Microsoft is available at the provided link. This approach has been effective for me. Reference from the specified Stack Overflow thread.

Reply
Reply