Closed DavidXanatos closed 8 months ago
@DavidXanatos Do you know why does it impact that way? Why Memory Integrity thinks that dcrypt.sys cannot be used as filter driver?
There are two issues as far as I can tell,
The strange thing is that I could not disable Core isoaltion -> Memory Integrity using offline registry editing, or rather I could but it did not fix the issue for the first boot, so I can disable it and after a successful boot its disabled in settings, and DC can be installed fine, but when starting out from the state where DC was installed and there was a unmountable boot device error disabling it did not fix the issue, also disabling virtualization support in the firmware did not help eider. This makes me think that when enabling HVCI windows will set some flag to disable the load of drivers wich are known to be incompatible, and switching HVCI the brute force way will not clear it.
So my core isolation was already off and I ended up getting a BSOD repeatably on boot, I went ahead and did the steps above which did end up allowing me to boot up
RELATED: #80
build 1.3.0 is out which should work without issues with core isolation: https://github.com/DavidXanatos/DiskCryptor/releases/tag/v1.3.0
If you install Beta 3 on a windows 11 system with Core isoaltion -> Memory Integrity enabled the system will not boot
once windows brings you to the recovery options navigate to the command prompt option and open it, type regedit.exe once the registry editor is open, navigate to the HKML key and got o file -> load hive, then load your C:\Windows\system32\config\SYSTEM hive as "SYS" then you can go to the loaded SYS hive under ...\CurrentControl001\Control\Class{71A27CDD-812A-11D0-BEC7-08002BE2092F} open "LowerFilters" and remove the line with dcrypt then go to ...\CurrentControl001\Control\Class{4D36E965-E325-11CE-BFC1-08002BE10318} and remove the value "UpperFilters" then go to ...\CurrentControl001\Control\CrashControl open "DumpFilters" and remove the line dcrypt.sys finally go to ...\CurrentControl001\Services and delete the entire key "dcrypt"
Now you can reboot and the system should start up properly.
After you have disabled Core isoaltion -> Memory Integrity you can safely re install DC and proceed using it.
The issue will be fixed in Beta 4 (https://github.com/DavidXanatos/DiskCryptor/commit/195494dc239323321b8aa9eaef63135f3afad090)