-
-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to load kernel driver (not yet supported on this kernel version) #1823
Comments
I have the same with I assume it is related to recent |
I only have
I'm adding Windows Server 2022 offsets soon. |
E-mail sent. |
Thanks for getting me the build @ge0rdi - like you mentioned in the email symbols are also not yet published for 3391 yet. Once they are I'll make sure dyndata gets updated. @MarekKnapek I added dyndata for Server 2022 here: 03f5c8c - it'll get picked up in the next build |
Microsoft released KB5029331 first as 19041.3391 and 2nd version is 19041.3393 in Release Preview/Insider version which is now also releaded to public in version 3393. |
Thank you @MagicAndre1981 . |
ok, on 1809 LTSC 17763.4737 I also miss the ++ , so no driver is loaded for System Informer version 3.0.7029, but I dont get the messagebox |
Out of curiosity: What is this |
They're undocumented offsets used for both protections and APIs from the client: systeminformer/KSystemInformer/include/dyndata.h Lines 31 to 75 in 4c28c8f
The driver can't function without them. They're required for the protections to function correctly. The old driver would load without them, but it was arguably mostly useless without them. There was some functionality without them, but it was a bit non-obvious why some things would work and some wouldn't. So, during the rewrite we opted to make it a requirement. This come with the benefit that we know where we don't have support/visibility. Obviously the cost is we have to work harder to have more compatibility.
Because they're undocumented offsets that are version-specific. |
I hope this helps. I am experiencing the same issue after installing KB5029351. Before this update, I only got that message once when I installed Build 3.0.7029, but now I get it every time I launch System Informer. |
137cc3a adds support for Will be in next build 👍 |
I can confirm that with latest SI driver loads on |
@MagicAndre1981 when I was scraping to rebuild the offsets I missed three builds: I just went over them and the offsets didn't change from 10.0.17763.4377 - I updated dyndata here: f733df4 - will be in next build 👍 |
Thanks for letting me to @poqdavid - I'm grabbing the new versions now. |
22621.2283 |
Symbols are not yet available for |
d859dad will be in next build 👍 |
as expected I also get the warning again for 1809: and 1904x.3448: |
@jxy-s out of curiosity when you guys update System Informer for newer kernels does it lose its compatibility with older kernels? |
No, it doesn't break compatibility. We support older kernels. We support release builds for Win10+ x64/ARM64. The supported kernel versions are specified in https://github.com/winsiderss/systeminformer/blob/master/kphlib/kphdyn.xml
We do not yet support preview builds. Updates to those kernels are too frequent for me to keep up with manually. I'm hoping to finish some automation eventually to support them. |
I noticed I have an older SI Rev.6806 running on another Win10 17763 and here I see the ++ so driver is loaded on 17763.4851 🤔 🤷♂️ |
See: #1823 (comment) Dyndata format had to change and I went to rebuild all the offsets using some tooling. I missed a few versions. I've corrected it already, once a new build is out that kernel will be supported. Older releases supported it with the older format. But there were bugs. |
the + and ++ show that both have different driver usage levels while ++ is the best |
3.0.7148 fixed it on 19045.3448, but NOT for 17763.4851 |
latest version is 7643 |
check for update doe snot give me 7643 also not on https://systeminformer.sourceforge.io/downloads |
change update channel to canary. |
how i change the channel to canary? |
and with process hacker 2? |
uninstall it and install system informer. |
There is a hotfix/Out of Band Update for 1809: KB5039705 (OS Build 17763.5830) Out-of-band |
|
thanks, 3.0.7660 works fine |
@sequencerr switch to the Canary channel. |
i have the same problem, i have win 11 |
This is the new preview update, which is not jet supported.: May 29, 2024—KB5037853 (OS Builds 22621.3672 and 22631.3672) Preview Maybe team is busy to add this build and wait for patchday next tuesday. |
New patchday, new update requests: KB5039211 (OS Builds 19044.4529 and 19045.4529) Wired, that SI says 4522, but winver says 4529 ok, ntoskrnl.exe version is 4522 KB5039217 (OS Build 17763.5936) (here also kernel is 5933, UBR is 5936) |
Huh, well... I'll gonna stick to the old version until System Informer releases a new version of it for new build or new patch Tuesday for Windows 10 & 11. |
Support for recent kernels was added here: 2375ee3 As some of you might be aware we're working on sorting out some issues with the updater and versioning, once that is taken are of we'll publish another build with the recent kernel support. All of this effort is in support of an official fully stable release and version 3.1.x - thank you for your patience and understanding. |
Server 2022 x64 |
Latest Server 2022 was already added: systeminformer/kphlib/kphdyn.xml Lines 284 to 285 in a871402
Pending release mentioned here: #1823 (comment) |
|
Steps preceding reproduction:
Steps to reproduce:
Details:
b09759778099468188434408f929d675ce289b97
.ae6b8522ca5205b4cef89606ea6c7d043e81dc4f
.4ffc26a940dffa2931923c345eb9824f76dcfca4
.ecbad74c2629f4dd516c35887b8e5d0b7032b135
.[1]
[2]
The text was updated successfully, but these errors were encountered: