Dietmar Posted May 2, 2022 Posted May 2, 2022 (edited) @George King There are 11 dependencies from Intel Lan driver for i219 e1d6232.sys, which have to be integrated in ntoskrn8.sys too and then also the change of ntoskrnl.exe ---> ntoskrn8.sys in e1d6232.sys Dietmar PS: Maybe, that in this night we get a working NDIS6 driver for XP SP3. Edited May 2, 2022 by Dietmar
George King Posted May 2, 2022 Posted May 2, 2022 @Dietmar Can you please upload compiled this new ntoskrn8.sys?
Damnation Posted May 2, 2022 Author Posted May 2, 2022 @George King This one builds successfully https://ufile.io/itvzfprv It froze in my VM, I'll work on this tomorrow.
Dietmar Posted May 2, 2022 Posted May 2, 2022 @George King Until now I cant work with the Extender. So we have to wait for @Damnation for new ntoskrn8.sys for Intel Lan NDIS6 for the i219 device Dietmar
Dietmar Posted May 2, 2022 Posted May 2, 2022 @Damnation The link is for the same ntoskrn8.sys as before. Do you already integrate the 11 functions which Dependency Walker shows for e1d6232.sys (only to ntoskrnl.exe) into the new ntoskrn8.sys and change name in e1d6232.sys from ntoskrnl.exe ---> ntoskrn8.sys Dietmar
George King Posted May 2, 2022 Posted May 2, 2022 (edited) I have compiled it, modded INF, fixed missing exports are redirected to ntoskrnx.exe (one kernel from One-Core-API) / ntoskrn8.sys. @DietmarHere is 32bit driver to try https://anonfiles.com/d9p63ec4y8/Ported_i219_driver_iso Edited May 2, 2022 by George King
Dietmar Posted May 2, 2022 Posted May 2, 2022 @George King The dependencies are all fullfilled, but I got Bsod after installing this driver Dietmar Microsoft (R) Windows Debugger Version 6.3.9600.17200 X86 Copyright (c) Microsoft Corporation. All rights reserved. Using NET for debugging Opened WinSock 2.0 Waiting to reconnect... Connected to target 192.168.2.102 on port 50000 on local IP 192.168.2.101. Connected to Windows XP 2600 x86 compatible target at (Mon May 2 22:39:36.687 2022 (UTC + 2:00)), ptr64 FALSE Kernel Debugger connection established. ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\Symbols ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\symbolssss Symbol search path is: C:\symbolssss Executable search path is: C:\Symbols Windows XP Kernel Version 2600 MP (1 procs) Checked x86 compatible Built by: 2600.xpsp.080413-2133 Machine Name: Kernel base = 0x80a02000 PsLoadedModuleList = 0x80b019e8 System Uptime: not available ************* Symbol Path validation summary ************** Response Time (ms) Location OK E:\binaries.x86fre\Symbols ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\Symbols ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\symbolssss OK C:\symbols OK C:\symbolss OK C:\symbolsss OK E:\binaries.x86fre\Symbols Deferred https://msdl.microsoft.com/download/symbols Deferred srv* Break instruction exception - code 80000003 (first chance) nt!DbgBreakPoint: 80ac37e0 cc int 3 kd> g MM: Loader/HAL memory block indicates large pages cannot be used for 80100000->8012777F MTRR feature disabled. KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled KiInitializeMTRR: OS support for MTRRs disabled *** Assertion failed: NumberOfBytes != 0 *** Source File: d:\xpsp\base\ntos\ex\pool.c, line 1174 Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i i *** Fatal System Error: 0x000000c2 (0x00000000,0x00000000,0x00000001,0xCD637052) Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. Connected to Windows XP 2600 x86 compatible target at (Mon May 2 22:39:48.875 2022 (UTC + 2:00)), ptr64 FALSE Loading Kernel Symbols ................................................... Loading User Symbols ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck C2, {0, 0, 1, cd637052} *** ERROR: Symbol file could not be found. Defaulted to export symbols for msrpc.sys - Probably caused by : msrpc.sys ( msrpc!I_RpcGetCompleteAndFreeRoutine+22 ) Followup: MachineOwner --------- nt!RtlpBreakWithStatusInstruction: 80ac37ec cc int 3 11: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* BAD_POOL_CALLER (c2) The current thread is making a bad pool request. Typically this is at a bad IRQL level or double freeing the same allocation, etc. Arguments: Arg1: 00000000, The caller is requesting a zero byte pool allocation. Arg2: 00000000, zero. Arg3: 00000001, the pool type being allocated. Arg4: cd637052, the pool tag being used. Debugging Details: ------------------ FAULTING_IP: msrpc!I_RpcGetCompleteAndFreeRoutine+22 b7673119 5d pop ebp BUGCHECK_STR: 0xc2_0 DEFAULT_BUCKET_ID: DRIVER_FAULT PROCESS_NAME: System ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre LAST_CONTROL_TRANSFER: from 80a30d7b to 80ac37ec STACK_TEXT: b84c70e8 80a30d7b 00000003 b84c7444 00000000 nt!RtlpBreakWithStatusInstruction b84c7134 80a319e6 00000003 00000000 00000000 nt!KiBugCheckDebugBreak+0x19 b84c7514 80a31f77 000000c2 00000000 00000000 nt!KeBugCheck2+0x574 b84c7534 80aed772 000000c2 00000000 00000000 nt!KeBugCheckEx+0x1b b84c75ac 80ad36a4 00000001 00000000 cd637052 nt!ExAllocatePoolWithTag+0xe86 b84c75c8 b7673119 00000001 00000000 cd637052 nt!ExAllocatePoolWithTagPriority+0x58 WARNING: Stack unwind information not available. Following frames may be wrong. b84c75e0 b7673e8a 00000000 b84c7608 b767825b msrpc!I_RpcGetCompleteAndFreeRoutine+0x22 b84c75ec b767825b 00000000 8b3101d6 00000000 msrpc!UuidEqual+0x16a b84c7608 b7696024 80b97c38 b84c7624 80084000 msrpc!UuidEqual+0x453b b84c7634 80d37c99 b7696014 80084000 80084000 msrpc!DllInitialize+0x10 b84c7684 80d341f1 80084000 b84c76a0 00034000 nt!IopInitializeBootDrivers+0xe1 b84c7830 80d31940 80084000 00000000 8b345670 nt!IoInitSystem+0x82d b84c7dac 80bd81ac 80084000 00000000 00000000 nt!Phase1Initialization+0xb12 b84c7ddc 80ae4212 80d30e2e 80084000 00000000 nt!PspSystemThreadStartup+0x34 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 STACK_COMMAND: kb FOLLOWUP_IP: msrpc!I_RpcGetCompleteAndFreeRoutine+22 b7673119 5d pop ebp SYMBOL_STACK_INDEX: 6 SYMBOL_NAME: msrpc!I_RpcGetCompleteAndFreeRoutine+22 FOLLOWUP_NAME: MachineOwner MODULE_NAME: msrpc IMAGE_NAME: msrpc.sys DEBUG_FLR_IMAGE_TIMESTAMP: 61b814df IMAGE_VERSION: 6.1.7601.25822 FAILURE_BUCKET_ID: 0xc2_0_msrpc!I_RpcGetCompleteAndFreeRoutine+22 BUCKET_ID: 0xc2_0_msrpc!I_RpcGetCompleteAndFreeRoutine+22 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0xc2_0_msrpc!i_rpcgetcompleteandfreeroutine+22 FAILURE_ID_HASH: {7bd0e304-b158-484e-2d37-b2035b12b23c} Followup: MachineOwner --------- 11: kd> lm start end module name 80100000 80127780 HAL3 (deferred) 80128000 80150000 kdcom (deferred) 80150000 8017a000 KDSTUB (deferred) 802d9000 802e9a80 pci (deferred) 80a02000 80da3000 nt (pdb symbols) C:\Programme\Windows Kits\8.1\Debuggers\x86\sym\ntkrpamp.pdb\5B9E8A586D3D49D98927B5D5117577231\ntkrpamp.pdb b7614000 b762de80 Mup (deferred) b762e000 b766d000 NETIO (deferred) b766d000 b7699000 msrpc (export symbols) msrpc.sys b7699000 b7751000 NDIS (deferred) b7751000 b77ddd00 Ntfs (deferred) b77de000 b783b000 UsbHub3 (deferred) b783b000 b7880000 USBXHCI (deferred) b7880000 b7896b80 KSecDD (deferred) b7897000 b78a8f00 sr (deferred) b78a9000 b78c8b00 fltMgr (deferred) b78c9000 b78e0880 SCSIPORT (deferred) b78e1000 b792a000 storport (deferred) b792a000 b794db80 ntoskrn8 (deferred) b794e000 b7b25e80 ntoskrnx (deferred) b7b26000 b7b39000 storahci (deferred) b7b39000 b7b50900 atapi (deferred) b7b51000 b7e06000 iaStor (deferred) b7e06000 b7e2ba00 dmio (deferred) b7e2c000 b7e4ad80 ftdisk (deferred) b7e4b000 b7e7a000 ucx01000 (deferred) b7e7a000 b7ea9d80 ACPI (deferred) b7eaa000 b7f2c000 WDF01_W8 (deferred) b7f2c000 b7f4b000 asmthub3 (deferred) b7f4b000 b7fa7000 asmtxhci (deferred) b80a8000 b80b6000 WDFLDR8 (deferred) b80b8000 b80c1300 isapnp (deferred) b80c8000 b80d2000 WppRecorder (deferred) b80d8000 b80e2580 MountMgr (deferred) b80e8000 b80f5200 VolSnap (deferred) b80f8000 b8106000 stornvme (deferred) b8108000 b8118000 asahci32 (deferred) b8118000 b8120e00 disk (deferred) b8128000 b8134180 CLASSPNP (deferred) b8138000 b8141000 USBD_W8 (deferred) b8148000 b8157100 ohci1394 (deferred) b8158000 b8165080 1394BUS (deferred) b8328000 b832e780 USBSTOR (deferred) b8330000 b8336180 PCIIDEX (deferred) b8338000 b833cd00 PartMgr (deferred) b8340000 b8344c00 storpor8 (deferred) b84b8000 b84bb000 BOOTVID (deferred) b84bc000 b84bef80 ACPIEC (deferred) b85a8000 b85a9100 WMILIB (deferred) b85aa000 b85ab500 USBD (deferred) b85ac000 b85ad700 dmload (deferred) b8670000 b8670d00 pciide (deferred) b8671000 b8671d80 OPRGHDLR (deferred) 11: kd> !devnode 0 1 Dumping IopRootDeviceNode (= 0x8b314ed8) DevNode 0x8b314ed8 for PDO 0x8b3672c0 InstancePath is "HTREE\ROOT\0" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b314b00 for PDO 0x8b314c60 InstancePath is "Root\ACPI_HAL\0000" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b35e650 for PDO 0x8b30d480 InstancePath is "ACPI_HAL\PNP0C08\0" ServiceName is "ACPI" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b314788 for PDO 0x8b3148e8 InstancePath is "Root\dmio\0000" ServiceName is "dmio" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b314530 for PDO 0x8b314690 InstancePath is "Root\ftdisk\0000" ServiceName is "ftdisk" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b366008 for PDO 0x8b314438 InstancePath is "Root\LEGACY_AFD\0000" ServiceName is "AFD" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b366db0 for PDO 0x8b366f10 InstancePath is "Root\LEGACY_AMPA\0000" ServiceName is "ampa" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b366b58 for PDO 0x8b366cb8 InstancePath is "Root\LEGACY_ARP1394\0000" ServiceName is "Arp1394" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b366900 for PDO 0x8b366a60 InstancePath is "Root\LEGACY_ASMTHUB3\0000" ServiceName is "asmthub3" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3666a8 for PDO 0x8b366808 InstancePath is "Root\LEGACY_ASMTXHCI\0000" ServiceName is "asmtxhci" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b366450 for PDO 0x8b3665b0 InstancePath is "Root\LEGACY_BEEP\0000" ServiceName is "Beep" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b313008 for PDO 0x8b366278 InstancePath is "Root\LEGACY_COMMONFX.SYS\0000" ServiceName is "COMMONFX.SYS" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b313db0 for PDO 0x8b313f10 InstancePath is "Root\LEGACY_CPUZ135\0000" ServiceName is "cpuz135" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b313b58 for PDO 0x8b313cb8 InstancePath is "Root\LEGACY_CTAC32K\0000" ServiceName is "ctac32k" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b313900 for PDO 0x8b313a60 InstancePath is "Root\LEGACY_CTAUDFX.SYS\0000" ServiceName is "CTAUDFX.SYS" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3136a8 for PDO 0x8b313808 InstancePath is "Root\LEGACY_CTPRXY2K\0000" ServiceName is "ctprxy2k" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b313450 for PDO 0x8b3135b0 InstancePath is "Root\LEGACY_CTSBLFX.SYS\0000" ServiceName is "CTSBLFX.SYS" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3131f8 for PDO 0x8b313358 InstancePath is "Root\LEGACY_CTSFM2K\0000" ServiceName is "ctsfm2k" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b365ed8 for PDO 0x8b365038 InstancePath is "Root\LEGACY_DMBOOT\0000" ServiceName is "dmboot" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b365c80 for PDO 0x8b365de0 InstancePath is "Root\LEGACY_DMLOAD\0000" ServiceName is "dmload" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b365a28 for PDO 0x8b365b88 InstancePath is "Root\LEGACY_ELBYCDIO\0000" ServiceName is "ElbyCDIO" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3657d0 for PDO 0x8b365930 InstancePath is "Root\LEGACY_EMUPIA\0000" ServiceName is "emupia" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b365578 for PDO 0x8b3656d8 InstancePath is "Root\LEGACY_FIPS\0000" ServiceName is "Fips" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b365320 for PDO 0x8b365480 InstancePath is "Root\LEGACY_GPC\0000" ServiceName is "Gpc" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b312008 for PDO 0x8b365228 InstancePath is "Root\LEGACY_HA10KX2K\0000" ServiceName is "ha10kx2k" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b312db0 for PDO 0x8b312f10 InstancePath is "Root\LEGACY_HAP17V2K\0000" ServiceName is "hap17v2k" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b312b58 for PDO 0x8b312cb8 InstancePath is "Root\LEGACY_HTTP\0000" ServiceName is "HTTP" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b312900 for PDO 0x8b312a60 InstancePath is "Root\LEGACY_IPNAT\0000" ServiceName is "IpNat" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3126a8 for PDO 0x8b312808 InstancePath is "Root\LEGACY_IPSEC\0000" ServiceName is "IPSec" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b312450 for PDO 0x8b3125b0 InstancePath is "Root\LEGACY_KSECDD\0000" ServiceName is "ksecdd" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3121f8 for PDO 0x8b312358 InstancePath is "Root\LEGACY_MNMDD\0000" ServiceName is "mnmdd" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b364ed8 for PDO 0x8b364038 InstancePath is "Root\LEGACY_MOUNTMGR\0000" ServiceName is "mountmgr" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b364c80 for PDO 0x8b364de0 InstancePath is "Root\LEGACY_NDIS\0000" ServiceName is "NDIS" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b364a28 for PDO 0x8b364b88 InstancePath is "Root\LEGACY_NDISTAPI\0000" ServiceName is "NdisTapi" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3647d0 for PDO 0x8b364930 InstancePath is "Root\LEGACY_NDISUIO\0000" ServiceName is "Ndisuio" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b364578 for PDO 0x8b3646d8 InstancePath is "Root\LEGACY_NDPROXY\0000" ServiceName is "NDProxy" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b364320 for PDO 0x8b364480 InstancePath is "Root\LEGACY_NETBT\0000" ServiceName is "NetBT" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b311008 for PDO 0x8b364228 InstancePath is "Root\LEGACY_NULL\0000" ServiceName is "Null" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b311db0 for PDO 0x8b311f10 InstancePath is "Root\LEGACY_OSSRV\0000" ServiceName is "ossrv" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b311b58 for PDO 0x8b311cb8 InstancePath is "Root\LEGACY_PARPORT\0000" ServiceName is "Parport" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b311900 for PDO 0x8b311a60 InstancePath is "Root\LEGACY_PARTMGR\0000" ServiceName is "PartMgr" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3116a8 for PDO 0x8b311808 InstancePath is "Root\LEGACY_PARVDM\0000" ServiceName is "ParVdm" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b311450 for PDO 0x8b3115b0 InstancePath is "Root\LEGACY_RASACD\0000" ServiceName is "RasAcd" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3111f8 for PDO 0x8b311358 InstancePath is "Root\LEGACY_RDPCDD\0000" ServiceName is "RDPCDD" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b363ed8 for PDO 0x8b363038 InstancePath is "Root\LEGACY_TCPIP\0000" ServiceName is "Tcpip" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b363c80 for PDO 0x8b363de0 InstancePath is "Root\LEGACY_UCX01000\0000" ServiceName is "UCX01000" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b363a28 for PDO 0x8b363b88 InstancePath is "Root\LEGACY_USBSTOR\0000" ServiceName is "USBSTOR" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b3637d0 for PDO 0x8b363930 InstancePath is "Root\LEGACY_VBOXDRV\0000" ServiceName is "VBoxDrv" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b363578 for PDO 0x8b3636d8 InstancePath is "Root\LEGACY_VBOXUSBMON\0000" ServiceName is "VBoxUSBMon" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b363320 for PDO 0x8b363480 InstancePath is "Root\LEGACY_VGASAVE\0000" ServiceName is "VgaSave" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b310008 for PDO 0x8b363228 InstancePath is "Root\LEGACY_VOLSNAP\0000" ServiceName is "VolSnap" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b310db0 for PDO 0x8b310f10 InstancePath is "Root\LEGACY_WANARP\0000" ServiceName is "Wanarp" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b310b58 for PDO 0x8b310cb8 InstancePath is "Root\LEGACY_WDF01_W8\0000" ServiceName is "WDF01_W8" State = DeviceNodeStarted (0x308) Previous State = DeviceNodeEnumerateCompletion (0x30d) DevNode 0x8b310900 for PDO 0x8b310a60 InstancePath is "Root\MEDIA\MS_MMACM" ServiceName is "audstub" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b3106a8 for PDO 0x8b310808 InstancePath is "Root\MEDIA\MS_MMDRV" ServiceName is "audstub" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b310450 for PDO 0x8b3105b0 InstancePath is "Root\MEDIA\MS_MMMCI" ServiceName is "audstub" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b3101f8 for PDO 0x8b310358 InstancePath is "Root\MEDIA\MS_MMVCD" ServiceName is "audstub" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b362ed8 for PDO 0x8b362038 InstancePath is "Root\MEDIA\MS_MMVID" ServiceName is "audstub" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b362c80 for PDO 0x8b362de0 InstancePath is "Root\MS_L2TPMINIPORT\0000" ServiceName is "Rasl2tp" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b362a28 for PDO 0x8b362b88 InstancePath is "Root\MS_NDISWANIP\0000" ServiceName is "NdisWan" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b3627d0 for PDO 0x8b362930 InstancePath is "Root\MS_PPPOEMINIPORT\0000" ServiceName is "RasPppoe" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b362578 for PDO 0x8b3626d8 InstancePath is "Root\MS_PPTPMINIPORT\0000" ServiceName is "PptpMiniport" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b362320 for PDO 0x8b362480 InstancePath is "Root\MS_PSCHEDMP\0000" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30f008 for PDO 0x8b362228 InstancePath is "Root\MS_PSCHEDMP\0001" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30fdb0 for PDO 0x8b30ff10 InstancePath is "Root\MS_PSCHEDMP\0002" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30fb58 for PDO 0x8b30fcb8 InstancePath is "Root\MS_PSCHEDMP\0003" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30f900 for PDO 0x8b30fa60 InstancePath is "Root\MS_PSCHEDMP\0004" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30f6a8 for PDO 0x8b30f808 InstancePath is "Root\MS_PSCHEDMP\0005" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30f450 for PDO 0x8b30f5b0 InstancePath is "Root\MS_PSCHEDMP\0006" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30f1f8 for PDO 0x8b30f358 InstancePath is "Root\MS_PSCHEDMP\0007" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b361ed8 for PDO 0x8b361038 InstancePath is "Root\MS_PSCHEDMP\0008" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b361c80 for PDO 0x8b361de0 InstancePath is "Root\MS_PSCHEDMP\0009" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b361a28 for PDO 0x8b361b88 InstancePath is "Root\MS_PSCHEDMP\0010" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b3617d0 for PDO 0x8b361930 InstancePath is "Root\MS_PSCHEDMP\0011" ServiceName is "PSched" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b361578 for PDO 0x8b3616d8 InstancePath is "Root\MS_PTIMINIPORT\0000" ServiceName is "Raspti" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b361320 for PDO 0x8b361480 InstancePath is "Root\NET\0000" ServiceName is "VBoxNetAdp" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30e008 for PDO 0x8b361228 InstancePath is "Root\RDPDR\0000" ServiceName is "rdpdr" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30edb0 for PDO 0x8b30ef10 InstancePath is "Root\RDP_KBD\0000" ServiceName is "TermDD" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30eb58 for PDO 0x8b30ecb8 InstancePath is "Root\RDP_MOU\0000" ServiceName is "TermDD" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30e900 for PDO 0x8b30ea60 InstancePath is "Root\SCSIADAPTER\0000" ServiceName is "VClone" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30e6a8 for PDO 0x8b30e808 InstancePath is "Root\SUN_VBOXNETFLTMP\0000" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30e450 for PDO 0x8b30e5b0 InstancePath is "Root\SUN_VBOXNETFLTMP\0001" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30e1f8 for PDO 0x8b30e358 InstancePath is "Root\SUN_VBOXNETFLTMP\0002" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b360ed8 for PDO 0x8b360038 InstancePath is "Root\SUN_VBOXNETFLTMP\0003" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b360c80 for PDO 0x8b360de0 InstancePath is "Root\SUN_VBOXNETFLTMP\0004" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b360a28 for PDO 0x8b360b88 InstancePath is "Root\SUN_VBOXNETFLTMP\0005" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b3607d0 for PDO 0x8b360930 InstancePath is "Root\SUN_VBOXNETFLTMP\0006" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b360578 for PDO 0x8b3606d8 InstancePath is "Root\SUN_VBOXNETFLTMP\0007" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b360320 for PDO 0x8b360480 InstancePath is "Root\SUN_VBOXNETFLTMP\0008" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30d008 for PDO 0x8b360228 InstancePath is "Root\SUN_VBOXNETFLTMP\0009" ServiceName is "VBoxNetFlt" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30ddb0 for PDO 0x8b30df10 InstancePath is "Root\SYSTEM\0000" ServiceName is "swenum" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30db58 for PDO 0x8b30dcb8 InstancePath is "Root\SYSTEM\0001" ServiceName is "update" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301) DevNode 0x8b30d900 for PDO 0x8b30da60 InstancePath is "Root\SYSTEM\0002" ServiceName is "mssmbios" State = DeviceNodeInitialized (0x302) Previous State = DeviceNodeUninitialized (0x301)
George King Posted May 2, 2022 Posted May 2, 2022 (edited) @Dietmar Try it with this msrpc.sys from Vista (no missing exports at all files) https://anonfiles.com/T7A23dc1y0/msrpc_sys Or try to patch it, seems like driver itself doesn't need that function Edited May 2, 2022 by George King
Dietmar Posted May 2, 2022 Posted May 2, 2022 @George King I try this msrpc.sys from Vista, but gives the same Bsod FAILURE_BUCKET_ID: 0xc2_0_msrpc!I_RpcGetCompleteAndFreeRoutine+22 Dietmar
George King Posted May 2, 2022 Posted May 2, 2022 @Dietmar Try to nop that call RpcAsyncCompleteCall I see BSOD inside, we don't need that funtion now, so nop it to fix it should be fine.
Damnation Posted May 2, 2022 Author Posted May 2, 2022 @Dietmar @George King most of the missing imports for msrpc.sys I added are just stubs right now i.e just return STATUS_SUCCESS I'll work on them tomorrow.
Dietmar Posted May 2, 2022 Posted May 2, 2022 @Damnation May be, that it is possible to enable NDIS6 without msrpc.sys Dietmar
George King Posted May 2, 2022 Posted May 2, 2022 3 minutes ago, Dietmar said: @Damnation May be, that it is possible to enable NDIS6 without msrpc.sys Dietmar Then try to remove msrpc imports from netio.sys, Right lick in CFF Explorer and Delete import Descriptor. No idea what happends, just rebuild pe header and save to see if it works or fails
Dietmar Posted May 2, 2022 Posted May 2, 2022 @George King I never used this tool. Can you disable all calls for msrpc.sys in all the files Dietmar
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now