memory integrity | DriverFinder - We Make Drivers Work for You

Core Isolation Memory Integrity Incompatible Drivers

One of the new protection features in Windows 11 is called Core isolation. This feature helps protect against vulnerabilities that may harm the system. It is also referred to as virtualization-based security (or VBS). An important part of this protection is the Memory integrity setting. Enabling this setting allows Windows to shield the memory from bad code or invalid access.

A limitation of memory integrity protection is that it can be impossible to enable because of incompatible drivers. Device drivers are an important piece of any operating system, including Windows 11. Since device drivers enable communication with hardware devices, they run with a high level of privilege in Windows and have access to critical system resources.

Even with systems that had no problems in the past, Windows updates can result in the core isolation option being disabled with no obvious cause.

In this article, we show how to enable memory integrity and how to deal with incompatible drivers that may block the enabling of the core isolation protection.

How to enable memory integrity

  1. Open the Settings by pressing the Windows + I keys, or use the Start menu.
  2. In the Settings window, click Privacy & security (1) in the left-hand pane.
  3. Next, click Windows Security (2) in the right-hand pane.
  4. Then, click Device security in the right-hand pane. This will open a new window called Windows Security.
  5. Under Core isolation, click the Core isolation details link.
  6. Now toggle the switch for Memory integrity from Off to On.
    Windows will start checking for driver compatibility before enabling the memory integrity option.
  7. Close the Windows Security window and the Settings windows.

After this, the core isolation in Windows 11 is enabled, helping protect the memory from invalid access. This will add an extra layer of protection against malware on your PC.

Incompatible drivers

So what happens when incompatible drivers are installed in the system? In that case, enabling the Memory integrity feature will fail and Core isolation will not work.

To find out which drivers are incompatible, click the Review incompatible drivers link.

You will now see one or more entries of drivers (.sys file names) that are incompatible with the Windows 11 driver system. That means, the device for which the driver is intended may work fine, but the driver is not fully compatible with the Windows 11 security system. This may happen if older drivers are installed (e.g. Windows 7 or Windows 10 drivers).

Clicking the downward-pointing arrow to the right of the driver’s name will reveal details about the driver. This information (date, version, and INF name) can be used to solve the driver incompatibility.

It is also possible that no incompatible drivers are shown. In that case, try the manual enabling option.

Solve driver incompatibility issues

The simplest choice is to leave the Core isolation feature in Windows 11 disabled. That way, the incompatible driver can still be used and the device will function. Considering the possible vulnerability of the system, this is not the preferred option. Use it only when no compatible driver for the device can be found and the device is really needed.

The better solution to enabling the memory integrity option in Windows 11 is to replace any incompatible drivers with a newer, compatible version of the device driver.

Our example shows the stm_tpm.sys driver, which is an STMicroelectronics Trusted Platform Module. Other frequently occurring examples are the ene.sys driver and the wdcsam.sys (or wdcsam64_prewin8.sys), which are MSI and Western Digital drivers respectively.

#1 Update the driver from the Device Manager

Replacing an incompatible driver with a newer version is the best way to guarantee the driver will be compatible with Windows 11. Use the Device Manager to check for updates for the device.

In this process, Windows 11 will check the Microsoft Update Catalog for a newer version of the driver for the specific device. Take note that the device does not show any error in this example. The device and driver are functioning without device errors in Windows 11.

Note: If you do not see the problematic driver, use the option Show hidden devices in the View menu to show additional devices with their drivers.

In case any device is listed with an exclamation mark, it indicates a problem. Updating the driver for the device may fix the problem, otherwise check the error code for the device to solve the issue.

#2 Uninstall the driver to enable memory integrity

If the incompatible driver is not loaded and used by Windows, the memory integrity option can be turned on. Use the Device Manager to uninstall the device, and then use the command prompt (or PowerShell) to delete the driver using the pnputil /delete-driver command.

pnputil /delete-driver oem97.inf /uninstall /force

Note: It is important to uninstall the device first, otherwise the command above will fail because the driver package is still in use.

The INF file name used in the command can be found in the details of the incompatible drivers in the Windows Security window. See the Published name detail. The /uninstall parameter ensures the driver package is removed from any devices that use the driver. The /force parameter allows the driver to be deleted even when it is in use.

Once the device is uninstalled and the driver is deleted, enable the memory integrity option as described earlier. If it still fails, try the other solutions listed here.
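The lookup from a .sys file name to its published INF name can also be scripted. The following PowerShell is an added example, not part of the original article: it is read-only, the file list in $Incompatible is a constructed sample, and it assumes an elevated session because Get-WindowsDriver requires one.

```powershell
# Added example (not from the original article). Run in an elevated PowerShell.
# Read-only: it reports and prints the pnputil command, it deletes nothing.
# $Incompatible is a constructed sample; use the names Windows Security lists.
$Incompatible = @('stm_tpm.sys', 'ene.sys')

$packages = Get-WindowsDriver -Online           # third-party packages (oemNN.inf)
$services = Get-CimInstance Win32_SystemDriver  # kernel driver services

$report = foreach ($sys in $Incompatible) {
    # Driver service whose image path ends in this file name, if any.
    $svc = $services | Where-Object { $_.PathName -like "*\$sys" } |
        Select-Object -First 1

    # Packages whose driver store folder contains the file.
    $hits = @($packages | Where-Object {
        Test-Path (Join-Path (Split-Path -Parent $_.OriginalFileName) $sys)
    })

    if ($hits.Count -eq 0) {
        # No package found: the file may be a leftover outside the driver store.
        [pscustomobject]@{
            File = $sys; PublishedName = $null; Provider = $null
            Version = $null; Service = $svc.Name; State = $svc.State
        }
    }
    foreach ($p in $hits) {
        [pscustomobject]@{
            File = $sys; PublishedName = $p.Driver; Provider = $p.ProviderName
            Version = $p.Version; Service = $svc.Name; State = $svc.State
        }
    }
}
$report | Format-Table -AutoSize

# Commands to run once the device has been uninstalled in Device Manager.
$report | Where-Object PublishedName | ForEach-Object {
    "pnputil /delete-driver $($_.PublishedName) /uninstall /force   # $($_.File)"
}
```

A State of Running in the report means the driver is still loaded, so the device has to be uninstalled before the package is deleted.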

#3 Manually replace the incompatible driver

If the device is needed, option #2 is not possible, since the device will not work without a driver. But if the automatic update of the incompatible driver also does not work, a manual solution is required.

Use the Device Manager to uninstall the device. If Windows shows the option to Attempt to remove the driver for this device during the device uninstall, select that option. This option will not show for all devices and will only work if the driver is not in use by another device.

After this, find a new driver for the device on the manufacturer’s website. In the case of the wdcsam.sys error, the latest Western Digital drivers will solve the issue. Our ene.sys article has the details for a solution with that driver. For other manufacturers, their support site should provide the latest drivers if available.

Enable Memory Integrity using the Windows Registry

If the above steps do not resolve the issue, it is possible to force the activation of the memory integrity in Windows 10 and Windows 11 using the Windows Registry. Although it is possible to use the Registry Editor for this to manually add the required keys and entries, it is easier to execute the commands to insert the registry keys from the console. Below are the steps.

Open a command prompt window with administrator privileges.

Now execute the following commands one by one:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 1 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Locked" /t REG_DWORD /d 0 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 1 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Locked" /t REG_DWORD /d 0 /f

Each command should show that the operation completed successfully.

After that, close the command prompt window (type “exit” followed by pressing the Enter key), and restart Windows.

Now check that the memory integrity option in Windows Security is enabled.

Note: The commands above are for Windows 10 version 1607 and later (including Windows 11). For earlier Windows 10 versions (1511 and below), use these commands.

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 1 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "HypervisorEnforcedCodeIntegrity" /t REG_DWORD /d 1 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Unlocked" /t REG_DWORD /d 1 /f

Note: Using the registry edit option can result in Windows showing the Memory Integrity option as “This setting is managed by your administrator”. If that is the case, revert the registry settings to undo the change.
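Writing the registry values only configures memory integrity; whether it is actually running after the restart can be checked separately. The following PowerShell is an added example, not part of the original article. It is read-only, compares the values written by the commands for Windows 10 version 1607 and later with the runtime state reported by the Win32_DeviceGuard CIM class, and assumes that class is available on the Windows edition in use.

```powershell
# Added example (not from the original article). Read-only; run after the restart.
$dgKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard'
$hvciKey = "$dgKey\Scenarios\HypervisorEnforcedCodeIntegrity"

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or the value does not exist.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

# Runtime state as reported by Windows (assumes the class is available).
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                      -ClassName Win32_DeviceGuard
$vbsText = @{ 0 = 'not enabled'; 1 = 'enabled, not running'; 2 = 'running' }

$result = [pscustomobject][ordered]@{
    # Configuration: what the reg add commands wrote.
    EnableVirtualizationBasedSecurity = Get-RegValue $dgKey   'EnableVirtualizationBasedSecurity'
    RequirePlatformSecurityFeatures   = Get-RegValue $dgKey   'RequirePlatformSecurityFeatures'
    HvciEnabled                       = Get-RegValue $hvciKey 'Enabled'
    HvciLocked                        = Get-RegValue $hvciKey 'Locked'
    # Runtime: service id 2 is hypervisor-enforced code integrity (memory integrity).
    VbsStatus      = $vbsText[[int]$dg.VirtualizationBasedSecurityStatus]
    HvciConfigured = $dg.SecurityServicesConfigured -contains 2
    HvciRunning    = $dg.SecurityServicesRunning    -contains 2
}
$result | Format-List

if ($result.HvciEnabled -eq 1 -and -not $result.HvciRunning) {
    Write-Warning 'Memory integrity is set in the registry but is not running.'
}
```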

A driver cannot load on this device ene.sys

When you are updating Windows 11 to the latest version, you might see an error pertaining to the file called ENE.SYS. The error indicates that the device driver cannot load. This problem is a result of the security settings in Windows 11 in combination with an older version of the ene.sys file.

What is ene.sys?

The ene.sys file is a driver file. Like other .sys files on Windows systems, it is a device driver that enables the communication between Windows and a hardware device. The ene.sys file is part of a system called MSI Mystic Light, which controls lights in a PC. MSI typically uses it in their gaming systems.

Mystic Light is installed as part of the MSI Dragon Center or MSI Center.

There are a few methods to solve the error related to the ene.sys file not loading. Below you will find the details on these options with instructions on how to execute them.

Option 1 – disable the memory integrity check

To enhance security, Windows 11 has an option called core isolation. You can read all about it on the Microsoft website, but in short, it is a memory security feature that helps prevent critical components from being affected by malware or crashing the system.

Disabling this feature can solve the loading problem with the ene.sys file since the driver will be allowed to load afterwards.

To disable the core isolation (memory access protection) in Windows 11, follow these steps:

  1. Open the Windows 11 Settings from the Start menu.
  2. In the Settings window, click the Privacy & security option in the left-hand pane (1).
  3. Next, click Windows Security in the right-hand pane (2).
  4. Scroll down in the list of Protection areas until you see Device security and click it. The Windows Security window will open with Device security active.
  5. Now click the Core isolation details link.
  6. Toggle the option Memory integrity to Off.

Changing the Memory integrity option to Off will allow incompatible drivers to be loaded. That includes the version of the ene.sys that was shown in the initial error message.

As you will realize, this change will reduce the level of security on your Windows 11 PC. So, it is not the most desired option, but if no newer driver is available, it is the only option to load the driver.

Option 2 – Updating the ene.sys driver file

The better option to deal with the incompatible driver is to install an updated version of the device driver. Installing a later version of the ene.sys file can fix the problem. This will allow the Memory integrity check to be enabled and load the ene.sys driver at the same time.

To update the Mystic Light version for MSI, use the MSI Gaming Center software or, for Windows 11, the new MSI Center software. The MSI Center can be downloaded from the MSI website.

After downloading and installing the MSI Center, run it to find the Mystic Light option and click the Update button. If the Mystic Light is not in the Installed list, find it under the Installable items and install it to get the latest version.

Once the installation of the new Mystic Light version is complete, enable the Memory integrity option in Windows 11 again.

Windows 11 will check the drivers installed on the system for compatibility.

If all drivers are compatible, the option will be enabled and the Core isolation will function properly.

In case a driver is found not to be compatible, Windows 11 will show a message in the notification area.

Click the Review incompatible drivers link in Windows Security to find out which drivers are incompatible.

Non-MSI vendors

What if you never used an MSI hardware product? There are other light control products used by different vendors that use the ENE solution as well. Have a look at Trident Z Lighting Control by G.SKILL, ASUS Aura, Gigabyte RGB Fusion, and NZXT CAM. SignalRGB is a non-vendor solution for RGB sync.

It is important to only install one of these solutions though, as they can use similar software components that interfere with each other’s operation.

In general, we recommend keeping device drivers up to date. Using the latest versions ensures the most recent digital certificates on the driver files and the best compatibility with Windows 11. Use our DriverFinder program if you have trouble finding an updated driver.

Manually remove ene.sys and related files

In case you cannot fix the problem by installing, updating, or uninstalling software related to light sync, you might need to do a manual cleanup of anything related to ENE.SYS.

That means checking the Program Files folders on your system for any ENE subfolders and deleting them. Then search for ENE.SYS and ENE.DLL on the system disk and remove those files as well.

It can even be enough to simply rename the ene.sys file in the Windows driver folder. Just do a file search in the C:\Windows\System32\Drivers or C:\Windows\System32\DriverStore\FileRepository folder for the ene.sys file and rename it to ene.sys.old or something similar. You will need administrator access level for this.

The last step is to search for ENE in the Windows Registry and remove any entries related to the driver. Make sure to make a backup of the Registry first by using the Export option in the Registry Editor! After creating a backup, use the Edit -> Find menu option to search for any ene.sys entries and remove them.

Note: Make sure to repeat the search after every occurrence found and deleted, using the Edit -> Find Next option (F3).

Windows 11 – Direct RGB Support

The best solution to the problem would of course be that there is no need for the ene.sys driver. At the moment there is no direct support for RGB lighting control for gaming in Windows 11. Microsoft seems to be working on this though. In Windows 11 build 25295, lighting controls have been found in the settings that seem to indicate Microsoft is implementing things directly into Windows 11! Original Microsoft specifications for this are from 2018.
