News How to Disable VBS and Speed Up Windows 11

Status
Not open for further replies.
Oct 6, 2021
1
2
10
If even the registry setting does not work for you, try "bcdedit /set hypervisorlaunchtype off" in cmd as admin.

PS: If registry settings wont help, there might be an UEFI lock active. Delete secure boot keys, restart Windows and turn off the settings, then set secure boot keys.
 
Last edited:

waltc3

Honorable
Aug 4, 2019
453
252
11,060
I have it turned off--I wonder if just turning off SVM in the bios would accomplish the same thing...? And yes I have noticed a slight performance uplift with SVM disabled (I don't need it for anything else, atm.) I recall reading awhile back that DeviceGuard is something Microsoft has devised so that Defender and third-party AV programs can run simultaneously without tripping all over each other and generating a lot of false positives and other undesirable things. But as I'm not a big believer in running more than a single (competent) AV program simultaneously, Defender is all I need and seems to be doing a thorough job so far.
 

stairmand

Distinguished
Apr 21, 2009
40
3
18,535
When you install Windows 11 it askes how you would like the PC optimised. (gaming, creative etc) you would think the gaming setting would disable it automatically.
 

rassilon007

Commendable
Mar 21, 2022
1
0
1,510
If even the registry setting does not work for you, try "bcdedit /set hypervisorlaunchtype off" in cmd as admin.

Thank you for this. The options in the article did nothing, as core isolation was disabled and there was no such entry in the registry. Microsoft forced Virtualization on when I tried the Amazon App Store beta and didn't turn it off when the app was removed.
 
D

Deleted member 1353997

Guest
When you install Windows 11 it askes how you would like the PC optimised. (gaming, creative etc) you would think the gaming setting would disable it automatically.
Why would you think that? VBS is for security, and with all those games with online multiplayer, leaderboards, content sharing, etc. security is the last thing I'd expect to be compromised in a gaming machine.
 
theres no need to tinker with registry
you can disable virtualisation in bios or disable hyper-v in BCD, that will disable VBS just fine

you can also disable it through group policies
Computer Configuration\Administrative Templates\System\Device Guard\Turn On Virtualization Based Security , set it to disabled there
 
  • Like
Reactions: jfii
Funny, because I just check my three primary machines. One of them was a clean install of Windows 11 about six months ago, one was a clean install of Windows 10 a year ago and the other was a clean install of Windows 10 two years ago but was upgraded to Windows 11 about three months ago. None of them had this enabled. Checked my mom's 2 year Windows 10 installation and it wasn't enabled on there either. Maybe it was only the lab machine that had it enabled. LOL.
 

ArtemS

Prominent
Oct 3, 2021
2
0
510
Thank you for this. The options in the article did nothing, as core isolation was disabled and there was no such entry in the registry. Microsoft forced Virtualization on when I tried the Amazon App Store beta and didn't turn it off when the app was removed.
I second this. Also I had to reboot.
Instantly got my average CPU usage on idle drop from like 25% to 5%.
 
Last edited:

USAFRet

Titan
Moderator
Instantly got my average CPU usage on idle from like 25% to 5%.
Meanwhile, on Win 11 Home.....

2x FireFox windows, with 12 and 17 tabs open
TinyVNC window open, connected to a different PC
VirtualBox hosting a Win 10 Pro instance
Rhino3D with a CAD model open
Reolink client open, showing 2 of my house security cameras
2x File Explorer windows

No VBS manipulation from whatever is stock.

"idling" at 14-18% CPU
FFTZ1k8.jpg


If your CPU "idles" at 25%, you have other issues going on.
 
Mar 29, 2023
1
0
10
I swear I was not able to turn VBS off after trying everything in the article.
Even read comments about virtualization settings to disable in the bios, nothing about that in my bios.
And then I realize I had some other feature turned on :
image.png

(In case image link is dead in the future (or for accessibility) : Windows Sandbox and Windows Subsystem for Linux)
I don't know if it was both of them (probably) but after turning these 2 features off VBS was finally disabled after a reboot :)
 

planalp

Distinguished
Dec 31, 2007
1
0
18,510
Is VBS required for any virtualization platform? I have oracle virtualbox installed, and will turning off VBS break it?
 
Sep 24, 2023
1
0
10
Security through virtualization was driving me crazy when I saw so many errors in the Windows 11 PRO Event Viewer. In addition, I suspected that the computer was taking a little longer than necessary to open some programs, although it did not matter to me because I have Windows installed on an M.2 NVMe.

As part of trying to solve the errors that appeared in the Windows Event Viewer, try to review the Credential Guard, which is part of the virtualization system and is responsible for protecting program access credentials (passwords and so on) in a virtualization environment. . What you may notice is that the Windows Event Viewer was indicating problems such as that it was not licensed but was activated anyway and that it could not be initialized due to some error. To remedy that I went to use the Group Policy editor (GPO = gpedit.msc) I noticed that it was in "not Configured" mode as it showed three modes Disabled, Not Configured and Enabled, I enabled it to check if the errors stopped showing up in the Event Viewer, but what happened instead is that it began to cause conflicts with the TPM 2.0 because when I checked to see if it was active, it intermittently showed itself supposedly ineffective and then showed itself enabled normally. The other detail that I noticed is that some programs and games took considerably longer to start, some even more than ten seconds (in the case of programs that previously took 1 second) and having the M.2 NVME as the system unit, it is a time that if It stands out too much and it starts to bother you.

After much reflection on whether it was worth disabling it, I decided to do so and after rebooting and applying the pertinent changes, there were no longer any problems with TPM 2.0 and the programs even seemed to run faster than before having enabled that security option.

What I want to highlight about this case is that core isolation does not disable it (this requires that Bios virtualization be enabled and in Windows) and I do not think it is necessary to do so because I notice that simply disabling Credential Guard is enough for Windows is noticeable without any burden that forces it to reduce performance.

—Every time Credential Guard is disabled or enabled, core isolation is disabled and Windows Defender will warn you about this in the taskbar icon. I decided to have it enabled but if you want to disable it and Windows Defender is not showing you the warning I think I remember that it is enough to disable Virtualization from the Bios so that the core isolation option disappears and Windows Defender no longer shows the warning

I use a Ryzen 5 5600G CPU and Asus B450M-A/CMS Motherboard


Update: I had not noticed at first that every time you turn off or restart the PC, core isolation is deactivated and you must activate it and restart again for it to remain activated. but you have to repeat the process every time you turn off or restart

For this reason, I changed the status of the Credential Guard option from disabled to "not configured", but I made sure to activate the Kernel security option through Hardware, which is located just below where the option to activate core isolation is. I followed a few steps through Regedit to activate that option that I mentioned and the result is that I did not notice that the performance of Windows had decreased and I got a little additional security.

The detail to highlight is that apparently the TPM detection behaves strangely again because when you enter to check if it is activated it seems that it does not detect it but after exiting and re-entering said option it shows you the status of the TPM now. It appears to be working correctly and it seems that it is no longer as intermittent as when I had Credential Guard activated.
 
Last edited:
Status
Not open for further replies.