DavidXanatos / DiskCryptor

A fork of the DiskCryptor full disk encryption tool
https://www.diskcryptor.org/

CAUTION: Beta 3 is not compatible with Windows 11 Core isolation #70

Closed DavidXanatos closed 8 months ago

DavidXanatos commented 1 year ago

If you install Beta 3 on a Windows 11 system with Core isolation -> Memory Integrity enabled, the system will not boot.

Once Windows brings you to the recovery options, navigate to the command prompt option and open it, then type regedit.exe. Once the registry editor is open:

  1. Navigate to the HKLM key and go to File -> Load Hive, then load your C:\Windows\system32\config\SYSTEM hive as "SYS".
  2. Go to the loaded SYS hive under ...\CurrentControl001\Control\Class{71A27CDD-812A-11D0-BEC7-08002BE2092F}, open "LowerFilters" and remove the line with dcrypt.
  3. Go to ...\CurrentControl001\Control\Class{4D36E965-E325-11CE-BFC1-08002BE10318} and remove the value "UpperFilters".
  4. Go to ...\CurrentControl001\Control\CrashControl, open "DumpFilters" and remove the line dcrypt.sys.
  5. Finally, go to ...\CurrentControl001\Services and delete the entire key "dcrypt".

Now you can reboot and the system should start up properly.

After you have disabled Core isolation -> Memory Integrity, you can safely reinstall DC and proceed using it.

The issue will be fixed in Beta 4 (https://github.com/DavidXanatos/DiskCryptor/commit/195494dc239323321b8aa9eaef63135f3afad090)
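
The LowerFilters and DumpFilters edits in the recovery steps above remove one entry from a multi-string (REG_MULTI_SZ) value, and the UpperFilters step removes the value outright. As an added example (not part of the original comment or the DiskCryptor code), the sketch below shows that edit on raw REG_MULTI_SZ data so that other filter drivers in the list are preserved; the function names and the sample lists are constructed for illustration.

```python
# Added example: editing REG_MULTI_SZ driver filter lists offline.
# Function names and sample values are constructed for illustration.

def decode_multi_sz(raw: bytes) -> list:
    """Decode REG_MULTI_SZ data: UTF-16LE strings, each NUL-terminated,
    with one extra NUL closing the list."""
    if len(raw) % 2:
        raise ValueError("REG_MULTI_SZ data must have an even byte length")
    # Splitting on NUL leaves empty strings for the terminators; drop them.
    return [s for s in raw.decode("utf-16-le").split("\x00") if s]


def encode_multi_sz(entries: list) -> bytes:
    """Encode strings back into REG_MULTI_SZ form."""
    return ("".join(e + "\x00" for e in entries) + "\x00").encode("utf-16-le")


def remove_driver(raw: bytes, driver: str = "dcrypt"):
    """Drop `driver` (any case, with or without .sys) from a filter list.

    Returns (new_raw, removed_count). new_raw is None when no entries remain,
    meaning the value should be deleted instead of written back empty.
    """
    wanted = {driver.lower(), driver.lower() + ".sys"}
    entries = decode_multi_sz(raw)
    kept = [e for e in entries if e.strip().lower() not in wanted]
    new_raw = encode_multi_sz(kept) if kept else None
    return new_raw, len(entries) - len(kept)


# Constructed sample data; the other driver names are placeholders for
# whatever filters a given system really has registered.
SAMPLES = {
    "LowerFilters": encode_multi_sz(["dcrypt", "fvevol", "rdyboost"]),
    "UpperFilters": encode_multi_sz(["dcrypt"]),
    "DumpFilters": encode_multi_sz(["dumpfve.sys", "dcrypt.sys"]),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        new_raw, removed = remove_driver(raw)
        result = decode_multi_sz(new_raw) if new_raw else "delete the value"
        print(f"{name}: removed {removed}, result: {result}")
```

Entries are matched on the whole name instead of a substring, so a driver whose name merely contains "dcrypt" is left in place.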

ghost commented 1 year ago

@DavidXanatos Do you know why it has that impact? Why does Memory Integrity think that dcrypt.sys cannot be used as a filter driver?

DavidXanatos commented 1 year ago

There are two issues as far as I can tell:

  1. The original, very old implementation of the routine used to check for the presence of a password passed by the boot loader is not compatible with Core isolation -> Memory Integrity (HVCI), but that should cause a BSOD in dcrypt.sys and not an unmountable boot device. https://github.com/DavidXanatos/DiskCryptor/blob/195494dc239323321b8aa9eaef63135f3afad090/DCrypt/driver/boot_pass.c#L78
  2. The driver was signed the "old way", i.e. directly and not through MSFT, so in certain configurations the kernel may decline to load it at all, and this would cause the unmountable boot device error.

The strange thing is that I could not disable Core isolation -> Memory Integrity using offline registry editing, or rather I could, but it did not fix the issue for the first boot. So I can disable it, and after a successful boot it's disabled in settings and DC can be installed fine, but when starting out from the state where DC was installed and there was an unmountable boot device error, disabling it did not fix the issue. Disabling virtualization support in the firmware did not help either. This makes me think that when enabling HVCI, Windows will set some flag to disable the load of drivers which are known to be incompatible, and switching HVCI the brute force way will not clear it.

Kathxc commented 1 year ago

So my core isolation was already off and I ended up getting a BSOD repeatedly on boot. I went ahead and did the steps above, which did end up allowing me to boot up,

but now I can't reinstall anything without getting an error.

Edit: started safe mode, the only way the system would load with it installed, went ahead and decrypted from safe mode and uninstalled it after that.

alejandro-amo commented 11 months ago

RELATED: #80

DavidXanatos commented 8 months ago

Build 1.3.0 is out, which should work without issues with core isolation: https://github.com/DavidXanatos/DiskCryptor/releases/tag/v1.3.0