Please help - SECDRV Isn't being created

[JCarnon]

Hi,

I don't seem to be able to successfully complete these steps (I've done it once, somehow), but ever since, it's not worked for me. Typically, all the steps seem to go through ok, but after the reboot there is no SECDRV Service Installed and no SECDRV Reg Key.

1. Installed the SDK, left default installation directory.
2. Open PS as Admin and run

$SdkToolsPath = dir -Path "${env:ProgramFiles(x86)}\Windows Kits\10" -Recurse -Directory | where { $n = $_.FullName; $_.BaseName -eq "x86" -and [System.IO.File]::Exists("$n\makecert.exe") -and [System.IO.File]::Exists("$n\makecat.exe") -and [System.IO.File]::Exists("$n\signtool.exe") } | sort CreationTime | select -Last 1
$env:Path = "$env:Path;$($SdkToolsPath.FullName)"

Result

3. Create the Folder in Downloads and set working directory, both work.

4. Download the SECDRV.sys file from GitHub. Success.

5. Enable Test Signing. Success.

6. This is where I think it's falling down. Pick a Subject. I simply leave it as default.

$Subject = "SECDRV.sys Publisher by \\$env:ComputerName\$env:UserName on $("{0:yyyy-MM-dd HH:mm}" -f [datetimeoffset]::Now)"

7. Then I attempt to make the root cert, slightly modified code.

makecert -r -sr LocalMachine -ss My -n "CN=$Subject"

8. Copied created cert to Trusted Root and Trusted Publishers.

9. Create SECDRV.cdf - Seemingly successful. I.e, it created the file in the working directory.

10. Driver Catalog also created

11. Gather Thumbprint, then sign the driver. No changes to any code made.

12. Install the driver

Then, I reboot.

What am I doing wrong to not get this working again? PLEASE HELP!

[ericwj]

So what is failing? What happens if you do sc start secdrv?

Recent versions of PowerShell don't alias sc anymore, and perhaps I should have updated the steps slightly to use Set-Content instead of sc to write the .cdf file, since sc will invoke sc.exe in PowerShell 7.

What happens if you do sc query secdrv after rebooting? Do you have the text in the four corners of the screen after starting Windows 10 indicating that you are in fact in test signing mode? Is secure boot disabled in the BIOS?

[JCarnon]

Thanks for coming back to me. Upon completing the steps mentioned above and after the reboot, I attempt to start the service.

The error is that the service doesn't exist.

I ran Get-Service secdrv and I do get the "cannot find service error"

So, it's clearly not running something properly. I'll happily provide some more screenshots if it helps at all.

My PS knowledge is woeful so that doesn't help.

I can confirm Test mode watermark is displayed upon the reboot and Secure Boot is disabled.

[ericwj]

Can you open regedit and check that you have Secdrv in Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services.

[JCarnon]

Nope. It's one of the first things I check after the reboot.

I've done multiple clean OS builds and am now attempting to get the steps working on a VM.

[ericwj]

You might have to check the registry - trying Get-Service may not work since it is a driver, not a normal service. Try repeating the driver installation and check right afterwards, perhaps even running this PowerShell command, before rebooting and then again after rebooting:

dir HKLM:\SYSTEM\CurrentControlSet\Services\Secdrv

I have never been able to run a simple game in a VM though, even when Hyper-V still had RemoteFX for 3D Video hardware acceleration and that feature is removed in the sense that you cannot add a RemoteFX adapter anymore.

[ericwj]

Better do

Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Secdrv

[JCarnon]

Sorry. I meant I was able to check the Registry after the reboot, but the Key wasn't there.

I'm only getting the process working through the VM so I can make sure it works as expected. Once I get it working I'll run through it on the actual machine.

I tried running the actual games through a VM first but as you say, the performance was awful.

I'll try it again on a snapshot and see if this works.

I really appreciate your assistance.

[ericwj]

Next step would be to check the Event Log for anything relevant. Just take note of the time before you install the driver until the time it fails to start. You can then filter the Event Log by start and end time and perhaps first filter to see just Critical, Error and Warning events.

Do post here what you find.

eventvwr.msc

[JCarnon]

Ok. Just tried the steps from scratch, using your updated instructions (thanks for that).

I've attached the Screenshot(s)

I've checked the Event Viewer and there are no Warnings or Errors regarding this driver.

I simply don't know what I am doing wrong.

[ericwj]

This is in fact correct. The driver is added to the driver catalog, but it is not installed until it is needed or requested. Perhaps you have to actually go through the first step on the list (which I have not):

• Install a game that brings (a recent version of) SECDRV.sys.

[JCarnon]

Ok, so I think I've found the reason why SecDrv wasn't being created.

Everything I had done previously was working successfully, however SecDrv wasn't appearing in the Registry, even after a reboot. Even though a game was installed and I had attempted to run it.

Any previous attempts to start the service manually returned the "service not installed error".

Turns out, I needed to run the game as Administrator, only then did SecDrv appear immediately in the registry.

I then attempted to run the service manually, but it returned a "blocked error". I got around this error by copying the SECDRV.SYS file to System32\Drivers.

So,

Install a game Install SDK Follow the instructions Reboot Run Game

If it fails

Check Registry If SecDrv doesn't appear Run the Game as Admin

Check Registry again (SecDrv should appear) Start Service manually

If it's blocked, copy SecDrv.sys to System32\Drivers folder

Start Service Run Game

I think that's it.

Thanks for your help!

[ericwj]

Thanks for the effort!