Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C++ Visual-Studio Driver API , +
Hi,
 
I wrote a driver which hooks ZwQueryDirectoryFile and hides a file, "o.txt", but when I access "o.txt" directly using its name (which of course I know), for instance, when I try to delete it in command Prompt using >del o.txt ,the system crashes and I see the blue screen.
 
What should I do? Should I hook another function in SSDT as well?
 
I use Visual Studio 2010 and I developed my driver for Windows XP.
P.S. There's only educational purpose behind what I am doing.
 
Thank you.
Posted 5-Nov-12 20:36pm
lilyNaz536
v2
Comments
Richard MacCutchan at 6-Nov-12 5:24am
   
Something is happening in your driver to cause the BSOD. Try doing some crash analysis to find out why.

1 solution

Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

You should start learning how to debug your driver and do driver crashes analysis. A good place to start with: http://www.dedoimedo.com/computers/windows-bsod.html[^]. You will find many articles, technics and tools there on the Internet regarding this topic.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 290
1 Jochen Arndt 165
2 DamithSL 125
3 PIEBALDconsult 110
4 Garth J Lancaster 90
0 OriginalGriff 5,790
1 DamithSL 4,601
2 Maciej Los 4,012
3 Kornfeld Eliyahu Peter 3,480
4 Sergey Alexandrovich Kryukov 3,195


Advertise | Privacy | Mobile
Web04 | 2.8.141220.1 | Last Updated 6 Nov 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100