none
I would like to know why the NDIS IM (passthru) drivers are not installed correctly on Windows10 64-bit. RRS feed

  • Question

  • I would like to know why the NDIS IM (passthru) drivers are not installed correctly on Windows10 64-bit.

    ex)
    C:\WinDDK\7600.16385.1\src\network\ndis\passthru

    -. IN SHA-1 authentication applying state

    The above sources have confirmed that normally installed from xp to win8.1 without any source changes.


     1) The setup process : Local NIC attribute information > Install > Service Type > Select the inf file

     2) The NIC driver is installed on the local property information window is displayed items.

    -. However, if you run in WIN10 it will not install without displaying any error messages.


    -. Driver installation is the cause of failure ?

     1) Is the problem of certification?
     2) Has the construction of the INF file is changed?
     3) Does it no longer supports the driver in ms ?

    • Edited by sjback Friday, August 7, 2015 12:09 AM
    Thursday, August 6, 2015 11:42 AM

Answers

  • In the description of the WDK10 Sample source it is assumed to be not a problem in authentication.

    We believe it no longer supports the source of the passthru structures in Windows 10.

    It recommends that by changing the shape of the source Ndis lwf write.

    Below is a link to see the wording of gifhub.

     https://msdn.microsoft.com/en-us/library/windows/hardware/ff554118(v=vs.85).aspx
     <- [MSDN guide for WDk10]

    : https://github.com/Microsoft/Windows-driver-samples/tree/master/network/ndis/filter
     <- WD10 Link  

     https://github.com/Microsoft/Windows-driver-samples/tree/master/network/ndis/filter
    -> The Ndislwf sample is a do-nothing pass-through NDIS 6 filter driver that demonstrates the basic principles underlying an NDIS 6.0 Filter driver. 
    ->  The sample replaces the NDIS 5 Sample Intermediate Driver (Passthru driver).

    • Marked as answer by sjback Wednesday, August 12, 2015 11:15 AM
    Sunday, August 9, 2015 9:22 PM

All replies

  • What is in the installer log file: C:\Windows\INF\SetupAPI.Dev.log? Also, the new Win10 driver signing requirements are here

     -Brian


    Azius Developer Training www.azius.com Windows device driver, internals, security, & forensics training and consulting. Blog at www.azius.com/blog

    Thursday, August 6, 2015 5:19 PM
    Moderator
  • Thank you for your advoice.

    Below are the installation log files.

    However, if the problem still confused whether to authenticate or the inf file setup problems.

    Win7 / 8 / 8.1 in just a sha-1 authentication has been installed properly.

     
    [Boot Session: 2015/08/07 09:06:15.486]

    >>>  [SetupCopyOEMInf - c:\920x64_dbg_mode\netim_m.inf]
    >>>  Section start 2015/08/07 09:10:48.425
          cmd: C:\Windows\system32\DllHost.exe /Processid:{7007ACD1-3202-11D1-AAD2-00805FC1270E}
         sto: {Setup Import Driver Package: c:\920x64_dbg_mode\netim_m.inf} 09:10:48.440
         inf:      Provider: GLUESYS CO., Ltd.
         inf:      Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
         inf:      Driver Version: 08/16/2013,15.17.36.888
         inf:      Catalog File: nethddim.cat
         sto:      {Copy Driver Package: c:\920x64_dbg_mode\netim_m.inf} 09:10:48.500
         sto:           Driver Package = c:\920x64_dbg_mode\netim_m.inf
         sto:           Flags          = 0x00000007
         sto:           Destination    = C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}
         sto:           Copying driver package files to 'C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}'.
         flq:           Copying 'c:\920x64_dbg_mode\netim_m.inf' to 'C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}\netim_m.inf'.
         flq:           Copying 'c:\920x64_dbg_mode\nethddim.cat' to 'C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}\nethddim.cat'.
         sto:      {Copy Driver Package: exit(0x00000000)} 09:10:48.531
         pol:      {Driver package policy check} 09:10:48.790
         pol:      {Driver package policy check - exit(0x00000000)} 09:10:48.790
         sto:      {Stage Driver Package: C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}\netim_m.inf} 09:10:48.790
         inf:           {Query Configurability: C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}\netim_m.inf} 09:10:48.805
         inf:                Driver package is fully isolated.
         inf:                Driver package 'netim_m.inf' is configurable.
         inf:           {Query Configurability: exit(0x00000000)} 09:10:48.805
         flq:           Copying 'C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}\netim_m.inf' to 'C:\Windows\System32\DriverStore\Temp\{60a9fae2-508b-6240-b977-6d2d362bca14}\netim_m.inf'.
         flq:           Copying 'C:\Users\sjback\AppData\Local\Temp\{5055af33-4ab3-1443-912e-c576df92697e}\nethddim.cat' to 'C:\Windows\System32\DriverStore\Temp\{60a9fae2-508b-6240-b977-6d2d362bca14}\nethddim.cat'.
         sto:           {DRIVERSTORE IMPORT VALIDATE} 09:10:48.852
         sig:                {_VERIFY_FILE_SIGNATURE} 09:10:48.866
         sig:                     Key      = netim_m.inf
         sig:                     FilePath = C:\Windows\System32\DriverStore\Temp\{60a9fae2-508b-6240-b977-6d2d362bca14}\netim_m.inf
         sig:                     Catalog  = C:\Windows\System32\DriverStore\Temp\{60a9fae2-508b-6240-b977-6d2d362bca14}\nethddim.cat
    !    sig:                     Verifying file against specific (valid) catalog failed! (0x800b0109)
    !    sig:                     Error 0x800b0109: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
         sig:                {_VERIFY_FILE_SIGNATURE exit(0x800b0109)} 09:10:48.896
         sig:                {_VERIFY_FILE_SIGNATURE} 09:10:48.896
         sig:                     Key      = netim_m.inf
         sig:                     FilePath = C:\Windows\System32\DriverStore\Temp\{60a9fae2-508b-6240-b977-6d2d362bca14}\netim_m.inf
         sig:                     Catalog  = C:\Windows\System32\DriverStore\Temp\{60a9fae2-508b-6240-b977-6d2d362bca14}\nethddim.cat
         sig:                     Success: File is signed in Authenticode(tm) catalog.
         sig:                     Error 0xe0000242: The publisher of an Authenticode(tm) signed catalog has not yet been established as trusted.
         sig:                {_VERIFY_FILE_SIGNATURE exit(0xe0000242)} 09:10:48.912
    !    sig:                Driver package signer is unknown, but user trusts signer.
         sig:                Driver package certificate was successfully installed.
         sto:           {DRIVERSTORE IMPORT VALIDATE: exit(0x00000000)} 09:10:50.816
         sig:           Signer Score = 0x0F000000
         sig:           Signer Name  = GLUESYS Co., Ltd
         sto:           {DRIVERSTORE IMPORT BEGIN} 09:10:50.832
         sto:           {DRIVERSTORE IMPORT BEGIN: exit(0x00000000)} 09:10:50.832
         cpy:           {Copy Directory: C:\Windows\System32\DriverStore\Temp\{60a9fae2-508b-6240-b977-6d2d362bca14}} 09:10:50.832
         cpy:                Target Path = C:\Windows\System32\DriverStore\FileRepository\netim_m.inf_amd64_aeeb6ce4104361b4
         cpy:           {Copy Directory: exit(0x00000000)} 09:10:50.847
         idb:           {Register Driver Package: C:\Windows\System32\DriverStore\FileRepository\netim_m.inf_amd64_aeeb6ce4104361b4\netim_m.inf} 09:10:50.862
         idb:                Created driver package object 'netim_m.inf_amd64_aeeb6ce4104361b4' in DRIVERS database node.
         idb:                Created driver INF file object 'oem4.inf' in DRIVERS database node.
         idb:                Registered driver package 'netim_m.inf_amd64_aeeb6ce4104361b4' with 'oem4.inf'.
         idb:           {Register Driver Package: exit(0x00000000)} 09:10:50.877
         idb:           {Publish Driver Package: C:\Windows\System32\DriverStore\FileRepository\netim_m.inf_amd64_aeeb6ce4104361b4\netim_m.inf} 09:10:50.877
         idb:                Activating driver package 'netim_m.inf_amd64_aeeb6ce4104361b4'.
         cpy:                Published 'netim_m.inf_amd64_aeeb6ce4104361b4\netim_m.inf' to 'oem4.inf'.
         idb:                Indexed 2 device IDs for 'netim_m.inf_amd64_aeeb6ce4104361b4'.
         sto:                Flushed driver database node 'DRIVERS'. Time = 63 ms
         sto:                Flushed driver database node 'SYSTEM'. Time = 47 ms
         idb:           {Publish Driver Package: exit(0x00000000)} 09:10:51.015
         sto:           {DRIVERSTORE IMPORT END} 09:10:51.015
         sig:                Installed catalog 'nethddim.cat' as 'oem4.cat'.
         sto:           {DRIVERSTORE IMPORT END: exit(0x00000000)} 09:10:51.365
         sto:      {Stage Driver Package: exit(0x00000000)} 09:10:51.365
    !    ndv:      Unable to mark devices that match new INF - (00000490)!
         sto: {Setup Import Driver Package - exit (0x00000000)} 09:10:51.380
         inf: Driver Store Path: C:\Windows\System32\DriverStore\FileRepository\netim_m.inf_amd64_aeeb6ce4104361b4\netim_m.inf
         inf: Published Inf Path: C:\Windows\INF\oem4.inf
    <<<  Section end 2015/08/07 09:10:51.380
    <<<  [Exit status: SUCCESS]


    >>>  [SetupCopyOEMInf - c:\920x64_dbg_mode\netim.inf]
    >>>  Section start 2015/08/07 09:10:51.380
          cmd: C:\Windows\system32\DllHost.exe /Processid:{7007ACD1-3202-11D1-AAD2-00805FC1270E}
         sto: {Setup Import Driver Package: c:\920x64_dbg_mode\netim.inf} 09:10:51.380
         inf:      Provider: GLUESYS Co., Ltd.
         inf:      Class GUID: {4D36E974-E325-11CE-BFC1-08002BE10318}
         inf:      Driver Version: 08/16/2013,15.17.36.867
         inf:      Catalog File: nethddim.cat
         sto:      {Copy Driver Package: c:\920x64_dbg_mode\netim.inf} 09:10:51.395
         sto:           Driver Package = c:\920x64_dbg_mode\netim.inf
         sto:           Flags          = 0x00000007
         sto:           Destination    = C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}
         sto:           Copying driver package files to 'C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}'.
         flq:           Copying 'c:\920x64_dbg_mode\nethddim.cat' to 'C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\nethddim.cat'.
         flq:           Copying 'c:\920x64_dbg_mode\nethddim.sys' to 'C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\nethddim.sys'.
         flq:           Copying 'c:\920x64_dbg_mode\netim.inf' to 'C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\netim.inf'.
         sto:      {Copy Driver Package: exit(0x00000000)} 09:10:51.411
         pol:      {Driver package policy check} 09:10:51.426
         pol:      {Driver package policy check - exit(0x00000000)} 09:10:51.426
         sto:      {Stage Driver Package: C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\netim.inf} 09:10:51.426
         inf:           {Query Configurability: C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\netim.inf} 09:10:51.426
         inf:                Driver package 'netim.inf' is configurable.
         inf:           {Query Configurability: exit(0x00000000)} 09:10:51.426
         flq:           Copying 'C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\nethddim.cat' to 'C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}\nethddim.cat'.
         flq:           Copying 'C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\nethddim.sys' to 'C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}\nethddim.sys'.
         flq:           Copying 'C:\Users\sjback\AppData\Local\Temp\{1696d572-e14b-534e-9fd9-e9624cad7e1c}\netim.inf' to 'C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}\netim.inf'.
         sto:           {DRIVERSTORE IMPORT VALIDATE} 09:10:51.472
         sig:                {_VERIFY_FILE_SIGNATURE} 09:10:51.486
         sig:                     Key      = netim.inf
         sig:                     FilePath = C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}\netim.inf
         sig:                     Catalog  = C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}\nethddim.cat
    !    sig:                     Verifying file against specific (valid) catalog failed! (0x800b0109)
    !    sig:                     Error 0x800b0109: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
         sig:                {_VERIFY_FILE_SIGNATURE exit(0x800b0109)} 09:10:51.501
         sig:                {_VERIFY_FILE_SIGNATURE} 09:10:51.501
         sig:                     Key      = netim.inf
         sig:                     FilePath = C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}\netim.inf
         sig:                     Catalog  = C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}\nethddim.cat
         sig:                     Success: File is signed in Authenticode(tm) catalog.
         sig:                     Error 0xe0000241: The INF was signed with an Authenticode(tm) catalog from a trusted publisher.
         sig:                {_VERIFY_FILE_SIGNATURE exit(0xe0000241)} 09:10:51.532
         sto:           {DRIVERSTORE IMPORT VALIDATE: exit(0x00000000)} 09:10:51.532
         sig:           Signer Score = 0x0F000000
         sig:           Signer Name  = GLUESYS Co., Ltd
         sto:           {DRIVERSTORE IMPORT BEGIN} 09:10:51.532
         sto:           {DRIVERSTORE IMPORT BEGIN: exit(0x00000000)} 09:10:51.532
         cpy:           {Copy Directory: C:\Windows\System32\DriverStore\Temp\{275bbbe9-608f-544a-b8db-da068734cb26}} 09:10:51.532
         cpy:                Target Path = C:\Windows\System32\DriverStore\FileRepository\netim.inf_amd64_af4f2953184f177a
         cpy:           {Copy Directory: exit(0x00000000)} 09:10:51.532
         idb:           {Register Driver Package: C:\Windows\System32\DriverStore\FileRepository\netim.inf_amd64_af4f2953184f177a\netim.inf} 09:10:51.532
         idb:                Created driver package object 'netim.inf_amd64_af4f2953184f177a' in DRIVERS database node.
         idb:                Created driver INF file object 'oem5.inf' in DRIVERS database node.
         idb:                Registered driver package 'netim.inf_amd64_af4f2953184f177a' with 'oem5.inf'.
         idb:           {Register Driver Package: exit(0x00000000)} 09:10:51.548
         idb:           {Publish Driver Package: C:\Windows\System32\DriverStore\FileRepository\netim.inf_amd64_af4f2953184f177a\netim.inf} 09:10:51.548
         idb:                Activating driver package 'netim.inf_amd64_af4f2953184f177a'.
         cpy:                Published 'netim.inf_amd64_af4f2953184f177a\netim.inf' to 'oem5.inf'.
         idb:                Indexed 2 device IDs for 'netim.inf_amd64_af4f2953184f177a'.
         sto:                Flushed driver database node 'DRIVERS'. Time = 203 ms
         sto:                Flushed driver database node 'SYSTEM'. Time = 63 ms
         idb:           {Publish Driver Package: exit(0x00000000)} 09:10:51.899
         sto:           {DRIVERSTORE IMPORT END} 09:10:51.899
         sig:                Installed catalog 'nethddim.cat' as 'oem5.cat'.
         sto:           {DRIVERSTORE IMPORT END: exit(0x00000000)} 09:10:51.913
         sto:      {Stage Driver Package: exit(0x00000000)} 09:10:51.913
    !    ndv:      Unable to mark devices that match new INF - (00000490)!
         sto: {Setup Import Driver Package - exit (0x00000000)} 09:10:51.929
         inf: Driver Store Path: C:\Windows\System32\DriverStore\FileRepository\netim.inf_amd64_af4f2953184f177a\netim.inf
         inf: Published Inf Path: C:\Windows\INF\oem5.inf
    <<<  Section end 2015/08/07 09:10:51.943
    <<<  [Exit status: SUCCESS]

     

    Friday, August 7, 2015 4:17 AM
  • Looks like a signing problem. Have you tried to run in testsigning mode or with debugger connected?

    -- pa

    Friday, August 7, 2015 5:31 AM
  • Current is applied sha-1 authentication code for authentication.


    because whql authentication requires the purchase of a ev certificate

    investigating.... how to bypass authentication whql


    any idea avoid whql 

    Are there any ideas for avoiding whql authentication on win10
    Friday, August 7, 2015 6:21 AM
  • No, that's why they're called Requirements. You'll have to get your driver properly signed

     -Brian


    Azius Developer Training www.azius.com Windows device driver, internals, security, & forensics training and consulting. Blog at www.azius.com/blog

    • Marked as answer by Doron Holan [MSFT] Friday, August 7, 2015 9:32 PM
    • Unmarked as answer by sjback Wednesday, August 12, 2015 11:16 AM
    Friday, August 7, 2015 6:59 PM
    Moderator
  • In the description of the WDK10 Sample source it is assumed to be not a problem in authentication.

    We believe it no longer supports the source of the passthru structures in Windows 10.

    It recommends that by changing the shape of the source Ndis lwf write.

    Below is a link to see the wording of gifhub.

     https://msdn.microsoft.com/en-us/library/windows/hardware/ff554118(v=vs.85).aspx
     <- [MSDN guide for WDk10]

    : https://github.com/Microsoft/Windows-driver-samples/tree/master/network/ndis/filter
     <- WD10 Link  

     https://github.com/Microsoft/Windows-driver-samples/tree/master/network/ndis/filter
    -> The Ndislwf sample is a do-nothing pass-through NDIS 6 filter driver that demonstrates the basic principles underlying an NDIS 6.0 Filter driver. 
    ->  The sample replaces the NDIS 5 Sample Intermediate Driver (Passthru driver).

    • Marked as answer by sjback Wednesday, August 12, 2015 11:15 AM
    Sunday, August 9, 2015 9:22 PM
  • Did you ever resolve this issue and hoping to see some insights as we also running into similar issues for one of our NDIS intermediate driver .

    !    ndv:      Unable to mark devices that match new INF - (00000490)!

    Thanks,

    Wednesday, January 2, 2019 4:42 PM