CredentialGuard still running

Lazzz
Posts: 9
Joined: 16. Apr 2021, 09:51

CredentialGuard still running

Post by Lazzz »

I think I've done everything as described here (including laptop shutdown):
viewtopic.php?f=25&t=99390

Here are the proofs:
1_windows_features.png
2_device_guard.png
3_registry.png
However, I'm still getting those logs:
{timestamp} HM: HMR3Init: Attempting fall back to NEM: VT-x is not available
{timestamp} NEM: WHvCapabilityCodeHypervisorPresent is TRUE, so this might work...


Moreover, in Task Manager I still see that the Credential Guard & Key Guard process is running.
When I start the VM (Ubuntu 20.04) it usually doesn't even boot, and when it does there is a green turtle icon.

Do you have any suggestions that I could try?
mpack
Site Moderator
Posts: 39134
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Mostly XP

Re: CredentialGuard still running

Post by mpack »

The golden bullet is the "bcdedit" command, which MUST be followed by a PC reboot from a full power down.
Lazzz
Posts: 9
Joined: 16. Apr 2021, 09:51

Re: CredentialGuard still running

Post by Lazzz »

Yes, I know, and I did this. I did everything as in the thread: the bcdedit command, DISM, shutdown. I waited a couple of minutes after the laptop was turned off (power cord unplugged).
I even wanted to remove the battery, but it's protected, so I was not able to do that. Instead I even waited 24+ hours after the laptop was turned off with the power cord unplugged, but I still have this problem.

I've additionally checked 2 things:

1. Windows services (according to them Hyper-V is not running)
4_hyperv_services.png
2. msinfo32 command (which is not clear to me)
6_msinfo32.png
scottgus1
Site Moderator
Posts: 20945
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Windows, Linux

Re: CredentialGuard still running

Post by scottgus1 »

Is your laptop a work laptop controlled by IT overlords?
Lazzz
Posts: 9
Joined: 16. Apr 2021, 09:51

Re: CredentialGuard still running

Post by Lazzz »

Yes, it's a new work laptop. On the old one I had no issues, but with this one I'm unable to get past this problem.
Is there some magic command to ultimately verify that Hyper-V is active despite all my efforts to turn it off?
scottgus1
Site Moderator
Posts: 20945
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Windows, Linux

Re: CredentialGuard still running

Post by scottgus1 »

Lazzz wrote: Is there some magic command to ultimately verify that hyper-v is active
Scan for the green turtle or the log lines.

Though 'bcdedit' is the golden bullet, IT overlords have deeper shielding and can counteract 'bcdedit'. This could be happening in your case. You'll have to check with them and your boss to let you have VirtualBox on your PC. (IT overlords are mentioned in the tutorial, too. ;) )
Lazzz
Posts: 9
Joined: 16. Apr 2021, 09:51

Re: CredentialGuard still running

Post by Lazzz »

Yes, I saw IT overlords mentioned, but my understanding was that if it worked for the older laptop then it should work for the new one as well.
Anyway, thanks for the help. I will try to ask within my company if they are responsible for this.
fth0
Volunteer
Posts: 5690
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: CredentialGuard still running

Post by fth0 »

FWIW, the Virtualization-based security and Kernel DMA Protection features (from your msinfo32 screenshot) all enforce the Hyper-V backend.
Lazzz
Posts: 9
Joined: 16. Apr 2021, 09:51

Re: CredentialGuard still running

Post by Lazzz »

According to my ICT department, they don't have anything against using VirtualBox.
Based on fth0's comment I've disabled "DMA Protection" in BIOS. It deactivated "Kernel DMA Protection" but the problem still persisted, so I've additionally disabled "Secure Boot" in BIOS.
By disabling "Secure Boot" I've made some progress, because the Credential Guard & Key Guard process is no longer running. The effect is also visible in System Information:
7_msinfo32_updated.png
Unfortunately, it's still not enough. Most likely there is still something which activates Hyper-V.
Lazzz
Posts: 9
Joined: 16. Apr 2021, 09:51

Re: CredentialGuard still running

Post by Lazzz »

Just for a moment I thought the problem was fixed. On top of what I did so far, I went to Windows services, located HV Host Service and changed "Startup type" from "Manual" to "Disabled". Then I did a standard shutdown + boot and finally I had the blue V icon; VirtualBox was working perfectly.
After this success I thought that I would simply turn everything off and then on (without modifying anything). After such a simple restart I'm getting the green turtle once again ...
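
Added example, not written by any poster in this thread: a read-only PowerShell check that gathers in one place the state the thread inspects through screenshots (hypervisor presence, virtualization-based security and Credential Guard, the boot setting changed with bcdedit, the Hyper-V related Windows features, HV Host Service, and the two VBox.log lines quoted in the first post). It changes nothing on the system. The log path is a hypothetical placeholder, and the script assumes an elevated prompt because bcdedit and Get-WindowsOptionalFeature require one.

```powershell
# Added example: report only, no settings are modified. Run from an elevated prompt.
# $VBoxLog is a hypothetical path; point it at the Logs folder of your own VM.
param([string]$VBoxLog = "$env:USERPROFILE\VirtualBox VMs\Ubuntu\Logs\VBox.log")

# 1. Is Windows itself already running on top of a hypervisor?
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
"HypervisorPresent        : $($cs.HypervisorPresent)"

# 2. Virtualization-based security, the same data msinfo32 shows.
$vbsState = @{ 0 = 'not enabled'; 1 = 'enabled, not running'; 2 = 'running' }
$svcName  = @{ 1 = 'Credential Guard'; 2 = 'Memory integrity (HVCI)'; 3 = 'System Guard Secure Launch' }
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
"VBS status               : $($vbsState[[int]$dg.VirtualizationBasedSecurityStatus])"
$running = $dg.SecurityServicesRunning | Where-Object { $_ -ne 0 } | ForEach-Object {
    if ($svcName.ContainsKey([int]$_)) { $svcName[[int]$_] } else { "service code $_" }
}
"Security services running: $(if ($running) { $running -join ', ' } else { 'none' })"

# 3. Boot-time hypervisor launch setting (the value the bcdedit step changes).
$launch = bcdedit /enum '{current}' | Select-String -Pattern 'hypervisorlaunchtype' | Select-Object -First 1
"hypervisorlaunchtype     : $(if ($launch) { ($launch.Line.Trim() -split '\s+')[-1] } else { 'not listed' })"

# 4. Windows features that bring the hypervisor along when enabled.
$features = 'Microsoft-Hyper-V-All', 'HypervisorPlatform', 'VirtualMachinePlatform'
Get-WindowsOptionalFeature -Online |
    Where-Object { $_.FeatureName -in $features } |
    ForEach-Object { "Feature {0,-22}: {1}" -f $_.FeatureName, $_.State }

# 5. HV Host Service, the service whose startup type is changed in the last post.
$hv = Get-Service -Name HvHost -ErrorAction SilentlyContinue
if ($hv) { "HvHost service           : $($hv.Status), startup $($hv.StartType)" }

# 6. The two log lines from the first post: their presence means VirtualBox
#    fell back to the Hyper-V based NEM backend (the green turtle).
if (Test-Path -LiteralPath $VBoxLog) {
    $patterns = 'Attempting fall back to NEM', 'WHvCapabilityCodeHypervisorPresent is TRUE'
    $hits = Select-String -LiteralPath $VBoxLog -Pattern $patterns -SimpleMatch
    if ($hits) { $hits | ForEach-Object { "VBox.log line {0}: {1}" -f $_.LineNumber, $_.Line.Trim() } }
    else       { 'VBox.log                 : no NEM fallback lines found' }
} else {
    "VBox.log                 : not found at $VBoxLog"
}
```

On a managed work laptop, a VBS status that returns to "running" after a reboot usually points to policy re-applying the setting, which is a question for the IT department rather than something to fix locally.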