The Core isolation page in Windows Security may show that the Memory integrity feature is off and your device may be vulnerable. It suggests that you resolve any driver incompatibilities and try again. If you try to enable Memory integrity or click “Scan again”, the “Incompatible drivers” page may be empty.
The above page is supposed to show the list of incompatible drivers and driver packages on the computer. For more information, see Cannot Enable Core Isolation Due to Incompatible Drivers.
The Memory integrity scan checks each driver for HVCI compatibility and list the incompatible drivers. If the list is empty, you wonder if there are any other ways to narrow down the driver/driver package stopping you from enabling memory integrity.
Resolution
Sometimes, the integrity scan doesn’t show the incompatible drivers. As an alternative to the built-in Memory integrity scanner, you can run the standalone scanner (hvciscan_amd64.exe) from Microsoft. This tool scans each driver to check if it complies with the Memory integrity feature.
Please download the Memory Integrity readiness console tool from Microsoft:
https://www.microsoft.com/en-us/download/details.aspx?id=105437
Copy the file “hvciscan_amd64.exe” to a folder on the C drive’s root–e.g., C:\Tools\
Open an admin Command Prompt and run:
c:\tools\hvciscan_amd64.exe
And then run:
c:\tools\hvciscan_amd64.exe KCET
The output of the first command shows a list of drivers incompatible with the Memory integrity. The second command lists drivers or services that don’t support the Control-flow Enforcement Technology feature.
Here’s a sample output for the above two commands:
VbsGetIssues: 0x00000000 VbsIsRecommended: 1 HVCI incompatible driver scan start... HVCI: Error 1168 querying "driver/INF file name" in the SDB HVCI: Driver scanning complete HVCI: scan get result failed. Kernel-mode CET incompatible driver scan start... Kernel-mode CET: Error 1168 querying "driver/INF file name" in the SDB Kernel-mode CET: [driver/service executable] is marked as incompatible with kernel-mode CET in the SDB Kernel-mode CET: Driver scanning complete. Kernel-mode CET: Scan get result failed.
Error 1168 (hex: 0x80070490) translates to ERROR_NOT_FOUND or “Element not found.” The driver file may not exist on the system, but a reference to it may exist in the driver store.
Uninstall the incompatible driver(s)
To resolve the problem, completely uninstall the driver using PnpUtil (for driver store/INF packages) or Autoruns (for drivers). For more information, see How to Completely Uninstall a Driver.
Example:
Step 1: Get the list of driver packages
dism /online /get-drivers /format:table
The DISM output showed the following:
oem16.inf | dddriver64dcsa.inf | No | System | Dell Technologies | 7/26/2021 | 2.0.6.0
Step 2: Uninstall the driver package
Now that the OEM INF # is known, we could uninstall it using PnpUtil.exe.
pnputil /delete-driver oem16.inf /uninstall /force
After uninstalling the driver successfully, you should be able to enable Memory integrity.
Additional Information
If no incompatible drivers are found, the hvciscan_amd64.exe tool shows the following output:
C:\Windows\System32>"C:\Tools\hvciscan_amd64.exe" VbsGetIssues: 0x00004080 VbsIsRecommended: 0 HVCI incompatible driver scan start... HVCI: Driver scanning complete HVCI incompatible driver scan passed! C:\Windows\System32>"C:\Tools\hvciscan_amd64.exe" kcet VbsGetIssues: 0x00004080 VbsIsRecommended: 0 Kernel-mode CET incompatible driver scan start... Kernel-mode CET: Driver scanning complete Kernel-mode CET incompatible driver scan passed!
I hope the above information helps.
One small request: If you liked this post, please share this?
One "tiny" share from you would seriously help a lot with the growth of this blog. Some great suggestions:- Pin it!
- Share it to your favorite blog + Facebook, Reddit
- Tweet it!
I love you! lol. I’d been trying to fix this problem for hours with help from google and chatgpt and nothing worked. Your info fixed it on the first try. This is all beyond my knowledge level, but your steps were so easy to follow. Thank you!!