In this guide, I will explain how to disable Hyper-V in Windows and use Intel VT-x/EPT or AMD-V/RVI in any virtualization program, such as VirtualBox or VMware (in my case). The final step (6) is the key to disabling it in version 24H2, which has a bug that prevents it from being disabled.

Step 1: Stop Any Currently Running Hyper-V Services

1. Click on the Start menu.
2. Type services (without quotes) and press [ENTER].
3. In the Services window, browse through the list and look for any services that include "Hyper-V" (e.g., "HV Host Service").
4. If any of these services are running, right-click on them and select Stop.
5. Close the Services window.

Step 2: Ensure Hyper-V and Related Features Are Not Installed

1. Click on the Start menu.
2. Type Features (without quotes) and select "Turn Windows Features on or off".
3. In the Windows Features window, ensure the following options are unchecked:
• Hyper-V (including all sub-items).
• Windows Hypervisor Platform.
• Linux subsystem for windows
4. Click OK and wait for the changes to apply.
5. Restart your computer if prompted.

Step 3: Disable "hypervisorlaunchtype"

1. Click on the Start menu.
2. Type powershell (without quotes), right-click on Windows PowerShell, and select Run as administrator.
3. In the PowerShell window, type the following command and press [ENTER]:
4. bcdedit /set hypervisorlaunchtype off
5. Close the PowerShell window.

Step 4: Disable Device Guard (If Applicable)

Note:

• This step may not apply to all versions of Windows.
• The Group Policy Editor (gpedit.msc) is not available in Windows 11 Home.

1. Click on the Start menu.
2. Type gpedit.msc (without quotes) and press [ENTER].
3. In the Group Policy Editor, navigate to:
4. Local Computer Policy > Computer Configuration > Administrative Templates > System > Device Guard
5. Double-click on "Turn on Virtualization Based Security".
6. Select Disabled and click OK.

Step 5: Disable "Memory Integrity" in Core Isolation

1. Click on the Start menu.
2. Type core isolation (without quotes) and press [ENTER].
3. In the Core Isolation window, ensure that "Memory Integrity" is turned Off.
4. Close the window.

Step 6: Mandatory step for Windows 11 24H2

Windows 11 24H2 has a known issue where Hyper-V might still interfere even after following the above steps. To resolve this, you'll need to use the Microsoft Device Guard and Credential Guard Hardware Readiness Tool:

1. Download the Device Guard and Credential Guard hardware readiness tool from Microsoft.
• https://www.microsoft.com/en-us/download/details.aspx?id=53337
2. Extract the downloaded ZIP file.
3. Use the tool to disable Device Guard and Credential Guard:
• Open PowerShell window as an administrator.
• Navigate to the folder where you extracted the tool.
• Firs run this command to get Execution Policy:
• Set-ExecutionPolicy Unrestricted -Scope Process
• Now run the script with the -disable parameter to disable Device and Credential Guard
• DG_Readiness_Tool_v3.6.ps1 -Disable
4. Reboot your computer.
5. During the boot process, Windows will ask you to confirm the changes. Follow the on-screen instructions to proceed (Just press F3).

Note: Disabling Device Guard and Credential Guard will temporarily disable your Windows Hello PIN. However, you can re-enable it later without any issues.

Step 7: Confirm Hyper-V is Fully Disabled

1. After rebooting, open a PowerShell window as an administrator.
2. Run the following command to ensure Hyper-V is fully disabled:
3. bcdedit /set hypervisorlaunchtype off
4. Reboot your computer again.

Additional Notes

This method worked for me on Windows 11 24H2 for VMware Workstation and Virtualbox After completing these steps. I hope this actually helps someone, because I almost lost my mind trying to fix this

As far as I understand, this happens because in the new version, the security of the Windows Hello PIN and others things are based on the hypervisor, although it should be disabled if you want to disable the hypervisor, Microsoft should provide a simpler option to disable it completely and take the risks.

I am not responsible if someone breaks their system or creates a security breach. I'm just trying to help, something Microsoft doesn't do, considering that the original deactivation guide is the same as always.

Hi, I created an account just to thank you ! As this was also driving me nutz and I had tried all the settings except for Step 6 and ultimately that is what fixed it. I have 1 PC with Win10 and 1 with Win11 the other thing that tripped me was Win11 had player when I installed Vmware workstation Pro it could not find vmnetbridge.dll point it to C:\Program Files (x86)\VMware\VMware Workstation\ and it will go thru. Everything is working perfectly now Thanks Again!

This looks like a very comprehensive answer. Thanks!

Many MANY thanks for sharing. 

Thanks man, Step 6: Mandatory step for Windows 11 24H2, which only helped me. So many time missed trying to do it before I found your post. Get registered only to thanks you

You have no idea the amount of hair I pulled out to get this working right and I can confirm that this work. I have searched the internet for answers and kept getting a "disable this or disable that". I almost gave up until I found this post. Thank you so much. One last thing, do you see Microsoft releasing a patch or update that would cause this to break or revert back the default settings?

In step 6 this happens to me:

PS C:\Users\Sonda\Downloads\dgreadiness_v3.6> DG_Readiness_Tool_v3.6.ps1 -Disable
DG_Readiness_Tool_v3.6.ps1 : El término 'DG_Readiness_Tool_v3.6.ps1' no se reconoce como nombre de un cmdlet, función,
archivo de script o programa ejecutable. Compruebe si escribió correctamente el nombre o, si incluyó una ruta de
acceso, compruebe que dicha ruta es correcta e inténtelo de nuevo.
En línea: 1 Carácter: 1
+ DG_Readiness_Tool_v3.6.ps1 -Disable
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (DG_Readiness_Tool_v3.6.ps1:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Suggestion [3,General]: No se encontró el comando DG_Readiness_Tool_v3.6.ps1, pero existe en la ubicación actual. Windows PowerShell no carga comandos de la ubicación actual de forma predeterminada. Si confía en este comando, escriba ".\DG_Readiness_Tool_v3.6.ps1". Vea "get-help about_Command_Precedence" para obtener información más detallada.
PS C:\Users\Sonda\Downloads\dgreadiness_v3.6>

any suggestions?

Did you actually read the error message, especially the Suggestion part? The answer is literally in there.

I've already found the "detail," and it's basically how to run the script in the folder...

It doesn't run as
"DG_Readiness_Tool_v3.6.ps1"

This is how it should run:
".\DG_Readiness_Tool_v3.6.ps1 -Disable"

Hi,
unfortunately not worked for me. Maybe is because my windows version is already the 25h2...
Does someone have solutions?

I'm running 25H2 as well and it worked. step 6 was what i was missing.
My only problem is my with Windows Hello PIN -> i can't use it (re-enable).The remove button is grayed. for now i didn't figure out how to re-enable PIN. anyone?

BEFORE:
```
C:\Users\admin>systeminfo | findstr "Hyper-V" Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
```

AFTER: (not detected anymore)
```
C:\Users\admin>systeminfo | findstr "Hyper-V"
Hyper-V Requirements:          VM Monitor Mode Extensions: Yes
```

-------------------------------------------

As far as I know Windows Hello requires VBS on Windows 11.

Actually, Windows Hello PIN is working now..

I'm running 25H2 as well, and it worked. I did all six steps.

Fantastic!  Thanks for the comprehensive steps.  

Thanks for this - very detailed and helpful - worked for me too!

Logged in just so I could reply. Thank you so much for this. I've been fighting with crashes and freezing in Virtualbox for the last week. It has been a nightmare and these instructions worked beautifully to correct the issue. Microsoft should shut down their garbage and leave the tools work as they were originally intended to or make it easier to disable functionality breaking features.

I followed the instructions step by step and was successful. I am running Windows 11 home 25H2. Got an error message when I ran the powershell tool but rebooted anyway. VMWare installed without errors. Thank you for your post.

i just logged in to thank you i was struggling with this for hours
im on  Windows 11 home 25H2 i kept trying to dissable hyper v but it kept being detected in device manager
i think the Device Guard and Credential Guard hardware readiness tool from Microsoft made it

i couldnt disable it without it but i somehow got my second partition disapearing probably gonna look that up later
anyone know the sulotion?

------

is there some way to fix that? Script disabled Device Guard and Credential Guard but I still see:

------
Hyper-V Requirements:          A hypervisor has been detected. Features required for Hyper-V will not be displayed.

------

( dism /online /Get-Features does not list any Hyper-V feature available)

I have a 25H2 installation here.  Applied the above, ran the DG Readiness tool successfully, but the hypervisor continued to load:

On the first reboot I hit F3 at the "F3 to disable" blah-blah UEFI loader prompt; there's no hypervisor load this time.  Sure enough on the 2nd reboot I have Microsoft-Windows-Hyper-V-Hypervisor | Hypervisor successfully started in the event log. Oof. 

What's going wrong?

[RageNoises.wav]

I am very disappointed at Microsoft. I tried everything in this forum, to yet no success. My brother's PC does not have Hyper-V on.  Both of us are on windows 11 Home, 25h2.  This has been driving me crazy for 2 days now.  Should I just throw windows in the trash and go Linux? My workflows require adobe creative cloud, however, which does not have Linux support, unfortunately, so I'm stuck with Microsoft.

Original Message:
Sent: Feb 07, 2026 09:00 AM
From: richard612
Subject: How to Disable Hyper-V in Windows 11 24H2

I have a 25H2 installation here.  Applied the above, ran the DG Readiness tool successfully, but the hypervisor continued to load:

 Get-WinEvent -LogName system | Where-Object { $_.ProviderName -like 'Microsoft-Windows-Hyper*' }

 

   ProviderName: Microsoft-Windows-Hyper-V-Hypervisor

 

TimeCreated                     Id LevelDisplayName Message

-----------                     -- ---------------- -------

2026-02-06 22:09:42            165 Information      Hypervisor configured mitigations for CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 for virtual machines.…

2026-02-06 22:09:42            156 Information      Hypervisor configured mitigations for CVE-2018-3646 for virtual machines.…

2026-02-06 22:09:42            129 Information      Hypervisor initialized I/O remapping.…

2026-02-06 22:09:42              2 Information      Hypervisor scheduler type is 0x1.

2026-02-06 22:09:42              1 Information      Hypervisor successfully started.

Let's see if I can disable the hypervisor without help from Group Policy as several Windows editions have no such thing.

I've unlinked the relevant GPO from the domain, restored Device Guard to "not configured" in local Group Policy, run a gpupdate, then re-ran the DG Readiness ps1 script.

Then I rebooted TWICE -- 1st time so that whatever might alter the config has a chance to do so and 2nd for said alterations to go into effect.

On the first reboot I hit F3 at the "F3 to disable" blah-blah UEFI loader prompt; there's no hypervisor load this time.  Sure enough on the 2nd reboot I have Microsoft-Windows-Hyper-V-Hypervisor | Hypervisor successfully started in the event log. Oof. 

Windows Defender has no knob to turn Credential Guard off:

Per MS website Cred Guard does use Virtualization-based Security (VBS).  Check the registry and I have: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\CredentialGuard]
"Enabled"=dword:00000001

Re-run DG readiness tool and check its logfile.... It doesn't touch this reg key!  There's no code to do so.  So I manually set the key to 0 and reboot; it's back to 1 again.  What else is here?  How about Key Guard which also leverages Virtualization-Based Security (VBS)?

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\KeyGuard\Status]
"IsTestConfig"=dword:00000000
"LsaIsoLaunchAttempted"=dword:00000001
"LsaIsoLaunchError"=dword:00000000
"ExecSystemProcessesError"=dword:00000000
"NumAttemptedRestarts"=dword:00000001
"NumSuccessfulRestarts"=dword:00000000
"KeyGuardEnabled"=dword:00000001
"CredGuardEnabled"=dword:00000001
"IsSecureKernelRunning"=dword:00000001
"EncryptionKeyAvailable"=dword:00000001
"EncryptionKeyPersistent"=dword:00000001
"SecretsMode"=dword:00000001

Flipped "KeyGuardEnabled" and "CredGuardEnabled" to 0 then reboot.  No dice.  Still have a hypervisor.

Lets see if MS has anything useful: Configure Credential Guard | Disable Credential Guard.  From that page:

Key path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Key name: LsaCfgFlags
Type: REG_DWORD
Value: 0

Key path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard
Key name: LsaCfgFlags
Type: REG_DWORD
Value: 0

Now we're getting somewhere!  Applied these, making sure the earlier reg keys were also returned to 0.  Boom, 1-2-3 reboots and no hypervisor!🎉

---

What's going wrong?

How about line 1207 of theDG_Readiness_Tool_v3.6.ps1PowerShell script: 

ExecuteCommandAndLog 'REG DELETE "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v "LsaCfgFlags" /f'

...but Microsoft's Disable Credential Guard guidance (linked above) has:

[RageNoises.wav]

So anyway, I reckon DG_Readiness_Tool_v3.6.ps1 remains useful as it chains the "press F3 to disable Credential Guard" shim into UEFI boot (thus performing Disable Credential Guard with UEFI lock for us).

I've also stumbled across these:

My system does have this key.  I wonder if its presence was helping to keep "default enablement" in a state of, uh, enablement.

Going forward, to OP's guide I'd add something about:

• doing all steps in one go (i.e. no reboot until the end) since Credential Guard re-enabling itself during the next boot may undo one or more steps (e.g. it re-creates reg keys which we do not want and may re-implement UEFI lock).
• rechecking everything if hypervisor removal fails, given the way "default enablement" can take over.
• after execution then both before and after the first reboot, checking [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\CredentialGuard]to ensure there's no "Enabled"=dword:00000001for any of the VBS-dependent technologies.
• leave nothing to chance by creating explicit"Enabled"=dword:00000000keys for all VBS-dependent technologies under theCredentialGuardkey.  I don't have a full list but I'll bet we can crowdsource one...
• adding a check for the two LsaCfgFlags reg keys; user shall create/modify if needed.
• Group Policy may be ineffective in some cases. In my case it was definitely not working.  I'm contemplating a hand-crafted .ADMX/.ADML we might use to help with this project.

Henry,
I'm not sure why you are trying to disable Hyper-V AND at the same time say that you are stuck with Microsoft?

You don't need do nothing to get Windows VM running under Win 11 Pro. I mean, IF you need to use a VM. My experience is from Win 24H2 and VMware 17.5.2 (which is a Win 11 version). Win 11 Pro upgrade from Home, is perhaps 2-4 euros, if you know where to buy. If you install Pro from scratch, it is less than 2 euros (including VAT).

IF you need to use a Windows VM, you are NOT stuck with Microsoft, you can run them under Linux, in all cases. I mean, even you need Nested virtualization, which I don't think is the case with Adobe (not truly familiar with those applications).

IF you need to run Adobe on the Host you ARE stuck with Windows, but you don't need to do nothing for Hyper-V (in which case, I don't understand what the deal is on this Forum, if Adobe will not install).

IF you really need a personal recommendation, you should throw Windows to trash at your Host. Better still, have a separate workstation or ASUS TUF gaming laptop, run Linux there and be happy (I like Kubuntu the best). There are of course more powerful laptops, if you want (like ASUS ROG Strix (SCAR) ), but considering the work that you need to do in trying to get anything done in Win 11, the hardware is not at all expensive.

Use your Windows 11 computers to something they can run, like Notepad. Oh, wait a minute, that is not very good, but Notepad++ is a decent text editor and even Win 11 can run it. (sarcasm alert)

Thanks for this post. I came here because I have a new XP SP3 VM that's performing very poorly in VMware Workstation Pro on Windows 11. Everything is almost unusably slow, audio is choppy, etc. I had tried everything but step 6 and was not able to get Hyper-V disabled. I bet step 6 would help, but since this is a user PC, I'm concerned on the other hand about compromising security. IMO, this should be fixed correctly either in Windows 11 or Workstation Pro so that users don't have to dismantle the security architecture of Windows 11 in order for their VMs to work properly...

I understand. Under these circumstances, I would have a separate PC/Workstation for Virtualization with Admin rights and in a separate network (if that is the corporate Domain requirement). Windows 11 Pro or Home is not very good in anything. I would consider a different OS. That is what we did at XP times which was a lousy OS for virtualization - now those times are back.

Don't get me wrong - VMware (17.5.2) works fine in Windows 11 Pro without doing anything from the list - if you don't need Nested, or as it happens XP OS Guest like it has been suggested by VMware itself. However, Win 11 Pro with state-of-the-art-Intel laptop (Asus ROG Strix Scar) is not any faster than Win 10 Pro from 3 years on a moderately priced Ryzen 9 Asus ROG Strix laptop. Not a very good result in virtualization in Win 11.

With that VMware, I haven't had any problems with mouse in XP, but I cannot remember was it in Win 10 or Win 11. I haven't paid attention to sound.

IMO this is wise advice in a case like this. I installed Fedora and QEMU on an external HDD which can be booted when this XP VM is needed, which is not very often. It runs well under QEMU/KVM. Yes, we'd love to get off of XP, but when you have a business critical app on it that's too expensive to upgrade, this is what ends up happening.

Pete, yes, I understand your business case.

That is exactly why I used XP not so long ago.

Thank you so much!! I've been with various problems on VMWare Workstation and EVE-NG during 2 days. Finally, I can solve the issue thank to you. Genius.

THANK YOU!!! I have been trying ALL DAY to get Cisco Modeling Labs (CML) running via VirtualBox or vmWare Workstation Pro - Step 6 was the missing key!! THANK YOU SERIOUSLY!

Great Guide. Step 6 resolved the issue for me as well, even though I received an error message stating Hyper-V could not be disabled. Rebooted PC and got the windows message to press F3. Attempted install of VMWare Workstation Pro again and it did not detect Hyper-V. THANK YOU!!

Guide is still working in 2026 on VMWare Workstation Pro 26H1 and Windows 11 Home 25H2.