hacksysteam / HackSysExtremeVulnerableDriver

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
https://hacksys.io
GNU General Public License v3.0

Load problem Hevd.sys on OSRLOADER (v3.00) #32

Closed yavuzwb closed 4 years ago

yavuzwb commented 4 years ago

Hello,

When I tried to load HEVD.sys (v3.00) on OSRLOADER, it doesn't work. But I also tried HEVD v1.2 and v2.0, and then it works.

Do you have any idea why?

"Note: I am working on Windows 7 x86"

hacksysteam commented 4 years ago

@yavuzwb can you give me any error message to help debug this issue?

yavuzwb commented 4 years ago

@hacksysteam Actually, there is no error message. I am trying to see it in WinDbg (debugger machine), but it doesn't come. I also checked the active services in OSRLoader; HEVD was running.

After this problem, I tried previous releases, and they work without any problem.

hacksysteam commented 4 years ago

Oh! I understood the issue. Before loading the driver, can you attach kernel driver and type these commands:

ed nt!Kd_DEFAULT_Mask 8
ed nt!Kd_IHVDRIVER_Mask 8
g

After that load the driver and you should see the messages from HEVD.
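Why the value 8 matters, as an added example that is not part of the original thread or of HEVD's code: a small user-mode model of the documented DbgPrintEx filter check, showing which importance levels pass for a given `Kd_<component>_Mask`. It assumes the driver's messages are logged at DPFLTR_INFO_LEVEL (the thread does not state the level); the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Importance levels as defined in the WDK's dpfilter.h. */
#define DPFLTR_ERROR_LEVEL   0
#define DPFLTR_WARNING_LEVEL 1
#define DPFLTR_TRACE_LEVEL   2
#define DPFLTR_INFO_LEVEL    3

/* A level of 0-31 selects a single bit; anything larger is already a bit field. */
static uint32_t level_to_bits(uint32_t level)
{
    return level < 32 ? (UINT32_C(1) << level) : level;
}

/* Model of the documented check: a message is shown when its bits intersect
 * the component mask OR'ed with the system-wide Kd_WIN2000_Mask. */
int dbgprint_passes(uint32_t component_mask, uint32_t win2000_mask, uint32_t level)
{
    return (level_to_bits(level) & (component_mask | win2000_mask)) != 0;
}

/* Mask that enables every level from 0 up to max_level. */
uint32_t mask_up_to(uint32_t max_level)
{
    return max_level >= 31 ? UINT32_MAX : (UINT32_C(1) << (max_level + 1)) - 1;
}

int main(void)
{
    const uint32_t win2000 = 0x1;               /* documented default of Kd_WIN2000_Mask */
    const uint32_t masks[] = { 0x0, 0x8, 0xF }; /* default, value from the thread, levels 0-3 */
    const char *names[] = { "ERROR", "WARNING", "TRACE", "INFO" };

    for (size_t m = 0; m < 3; m++) {
        printf("component mask 0x%X:", (unsigned)masks[m]);
        for (uint32_t lvl = 0; lvl <= DPFLTR_INFO_LEVEL; lvl++)
            printf(" %s=%s", names[lvl],
                   dbgprint_passes(masks[m], win2000, lvl) ? "shown" : "dropped");
        printf("\n");
    }
    return 0;
}
```

With the default component mask of 0, only error-level output reaches the debugger; a mask of 8 sets bit 3, which is the bit DPFLTR_INFO_LEVEL maps to.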

yavuzwb commented 4 years ago

Issue is solved.

Thank you.

sophieboyle commented 2 years ago

Tried the above with HEVD 3.0 on a Win7 x86 VM, but sadly it didn't work. OSR Loader has no problem loading the driver and reports success (checked by running querydriver from the command line), but the HEVD header is not seen in DebugView or WinDbg. Had to just use HEVD 2.0 instead.

hacksysteam commented 2 years ago

Hi @sophieboyle

Can you check on Windows 10 with the above commands? One issue I can think of because of which you don't see the header is that the driver got loaded before you ran those commands.