Discussion:
New to Drivers
(too old to reply)
f***@gmail.com
2015-03-26 00:30:14 UTC
Permalink
Raw Message
Dear all,

It is my first post in this forum. I am trying to build a driver that can work on XP to Win8.

The idea is to detect process execution via the PsSetCreateProcessNotifyRoutine function.

The first question is: 1) what WDK should I use for this backward compatibility (XP onwards)?

My second question is: 2) I have downloaded several samples and they don't seem to be working and Windows 8.

For example:

http://www.codeproject.com/Articles/2018/Detecting-Windows-NT-K-process-execution

How can I compile this sample? I am using VS2008 so my approach would be via the cmd build.

Thanks for the help in advance.

Regards,
f***@gmail.com
2015-03-26 23:10:37 UTC
Permalink
Raw Message
I compiled the Driver and trying to make it work but I receive a message that the driver has been blocked when calling StartService, even having disabled the Signing Enforcement.

I do not what could be going on.

Any hints?
Post by f***@gmail.com
Dear all,
It is my first post in this forum. I am trying to build a driver that can work on XP to Win8.
The idea is to detect process execution via the PsSetCreateProcessNotifyRoutine function.
The first question is: 1) what WDK should I use for this backward compatibility (XP onwards)?
My second question is: 2) I have downloaded several samples and they don't seem to be working and Windows 8.
http://www.codeproject.com/Articles/2018/Detecting-Windows-NT-K-process-execution
How can I compile this sample? I am using VS2008 so my approach would be via the cmd build.
Thanks for the help in advance.
Regards,
Loading...