How to get control of a Windows 8.1 client with a bad driver installed so I can remove it. RRS feed

  • Question

  • Hello.

    I am developing a KMDF driver and I have provisioned my latest version to a Windows 8.1 client machine. The machine blue screens when I re-boot it. I have pressed F8 during the boot to get control but now I only have access to my named session, not WDKRemote User.  

    I just got the remote kernel debugging working from Visual Studio 2013 Pro RC and now my client is mucked up.

    Any recommendations on where to go from here?



    Wednesday, September 25, 2013 8:28 PM

All replies

  • connect a kernel debug at boot (windbg may be better for this), put a break point on your driver's DriverEntry, ie

    bu foo!DriverEntry

    and then change the return value from STATUS_SUCCESS to a failure, 0xc0000001 will do, so that your driver fails to load. after that you can update the driver. alternatively, you can use .kdfiles to load a fixed driver from the host.

    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Wednesday, September 25, 2013 10:28 PM
  • Hello Doron,

    Would returning failure from DriverEntry not cause the system to crash if the driver is part of the disk/block stack?

    Is there any documentation that describes the .kdfiles usage in detail for storage driver?

    Thursday, September 26, 2013 3:01 AM
  • If you are a filter, it could possibly still boot ok even when you return failure. Testing this out is no worse than your current situation. A simple search on MSDN for ".kdfiles" yields this link as the first hit,


    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, September 26, 2013 3:54 AM