PsSetCreateProcessNotifyRoutine

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Drivers
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - UpdateDriverForPlugAndPlayDevices fails ERROR_FILE_NOT_FOUND I am calling UpdateDriverForPlugAndPlayDevices( ) to install driver for my (virtual) device, whose HW id is: *MyDevice - this just copies .sys into system32\drivers folder but the API fails with error code 2 (The system cannot find the file specified.). INF path is correct (of course, sys file is copied to target folder reading INF file). Same INF file installs driver correctly if I go through 'Add Hardware' wizard. What could be issue? Is it becaz I don't have physical device? But I specified *MyDevice...I am confused.. -- ++Sathya Tag: PsSetCreateProcessNotifyRoutine Tag: 78085
  - 2
    - Using INetCfgBindingInterface for NIC but what about DUN? I need to test for enabled bindings of my NDIS Intermediate Driver under W2K,XP,Vista. Starting from the netcfg sample this works fine now for Network Interfaces. But INetCfgBindingInterface seams not to enumerate Bindings of my Dialup entries. Any hints? Thomas Kluge T-Systems Enterprise Services GmbH Tag: PsSetCreateProcessNotifyRoutine Tag: 78081
  - 3
    - Using INetCfgBindingInterface for NIC but what about DUN? I need to test for enabled bindings of my NDIS Intermediate Driver under W2K,XP,Vista. Starting from the netcfg sample this works fine now for Network Interfaces. But INetCfgBindingInterface seams not to enumerate Bindings of my Dialup entries. Any hints? Thomas Kluge T-Systems Enterprise Services GmbH Tag: PsSetCreateProcessNotifyRoutine Tag: 78080
  - 4
    - NDIS + Visual Studio 6 (C++ environment) - raw ethernet packet send/receive Hello people, I'm about to program an application that uses raw ethernet packets to transmit and receive information. I want to use the NDIS driver therefore. I already got WinDDK, and took a look at the c-example (ndisprot). But my question is, how can I implement this in a Visual Studio 6 environment??? Temporary I used Winpcap to send and receive my packets. Even though it's buggy it works, but it's not as professional as with a protocol driver, that has to be installed, and can be activated or deactivated. Could anyone please give a good advise on how to realize this as well as possible?? My best regards! Cheers! Tag: PsSetCreateProcessNotifyRoutine Tag: 78079
  - 5
    - All the possible return values of "rundll32 printui.dll,PrintUIEnt I am not sure this is the right place to ask this question. Anyway, do you know all the possible return values of "rundll32 printui.dll,PrintUIEntry ..."? Thanks for your help in advance. Tag: PsSetCreateProcessNotifyRoutine Tag: 78075
  - 6
    - macro taking variable args Hi , ISO C defines macros that can take variable arguments. The code below compiles on linux but fails with DDK XP. Do I have a similar option in windows. #define AMZ_OSAL_debug1(format, ...) \ {\ KdPrintEx((DPFLTR_IHVDRIVER_ID, DPFLTR_TRACE_LEVEL, \ "DEBUG LOG %s, line-%d%::", __FILE__, __LINE__ ));\ KdPrintEx((DPFLTR_IHVDRIVER_ID, DPFLTR_TRACE_LEVEL,\ format, __VA_ARGS__ ));\ KdPrintEx((DPFLTR_IHVDRIVER_ID, DPFLTR_TRACE_LEVEL,\ "/n"));\ } Thanks. Nitin Tag: PsSetCreateProcessNotifyRoutine Tag: 78072
  - 7
    - STA deauthenticated while scanning Hi everyone, I am writing a 802.11 network miniport driver and having a problem as follows. My driver is running under Windows XP SP2 and can associate with specified BSS without problems. However, the OID_802_11_BSSID_LIST_SCAN requested per minute by WZC really annoys because sometimes when my driver switches channel to scan, AP cannot get ACK frame from my NIC and decides to send deauthenciation frame. Could anybody tell me how you solve this problem? Regards, David Tag: PsSetCreateProcessNotifyRoutine Tag: 78069
  - 8
    - (about USB autorun ¹ØÓÚUSB autorunÎÊÌâ) Dear friends: I have realize usb autorun in WinXP, (I emulate a cdrom with a usb disk on mass storage protocol.), but on Win2000, I can emulate a cdrom with a usb disk, but the autorun program can't be execute when the usb device was plug in. I have test a usb cdrom-box, when the cdrom was put to the usb cdrom-box, I also can't be executed by win2000, why? thank you very much. Best Regards Mike Han Ç×°®µÄÅóÓÑ£º ÎÒÔÚwinxpÉÏÊµÏÖÁËusb autorun(ÊÇÔÚMass StorageÐÒé»ù´¡ÉÏ²ÉÓÃÓÃUÅÌµÄ·½Ê½À´ÊµÏÖµÄ)£¬ ÔÚwinxpÏÂÎÞÎó£¬µ«ÔÚwin2000ÏÂ£¬ËäÈ»ÎÒÒÑ³É¹¦Ê¶±ðÎª¹âÅÌ£¬²¢¿É²Ù×÷£¬µ«ÊÇ¾Í ÊÇ²»ÄÜautorun£¬¼´µ±UÅÌ²åÈëPCÊ±£¬¿ÉÒÔÕýÈ·Ê¶±ðÎªÒ»¸öcdrom,µ«ÊÇ²»ÄÜ×Ô¶¯Ö´ÐÐÉÏÃæµÄautorun³ÌÐò¡£ ÎÒÔø¾ÄÃÒ»¸öusb ½Ó¿ÚµÄ¹âÅÌºÐÀ´×öÊµÑé£¬Ò²·¢ÏÖÀàËÆÎÊÌâ£¬win2000ÏÂ¶Ôusb¹âÅÌºÐÒ²²»Ö§³Öautorun,µ«ÎÒ¿´µ½ÓÐÐ©²úÆ·Ò²ÊÇ²ÉÓÃÐéÄâcdrom·½Ê½ÊµÏÖÁËwin 2000ÏÂµÄautorun£¬²»ÖªµÀÊÇÎªÊ²Ã´ £¬Ï£ÍûÓÐÕâ·½Ãæ¿ª·¢ ¾ÑéµÄÅóÓÑÖ¸µãÃÔ½ò£¬Ð»Ð»¡£ mikehan Tag: PsSetCreateProcessNotifyRoutine Tag: 78067
  - 9
    - USB device and iSerialNumber As per WHQL device requirements either we implement iSerialNumber as unique or not at all. If we implement unique serial number and we get assigned COM port numbers, those will be going up all the time on new device. How to take care of this situation in manufacturing process or any support PC which can see thsousands of these devices? Is there any provision to control this scenario on some pc's? iSerialNumber will be great feature for our end users which we want to provide witout creating any chaos in our support site. Thanks, - Sujit Tag: PsSetCreateProcessNotifyRoutine Tag: 78049
  - 10
    - SCSI Passthrough Using Write Buffer Command Hi everyone, We are trying to send vendor-specific data to an ATAPI device we have designed, using the WRITE BUFFER command (SCSI op code 0x3B) through an application running under WIN 2000. The function uses the IOCTL_SCSI_PASS_THROUGH_DIRECT, just like the spti.c example in the MSDN library. The protocol is working but the only data we get is the CDB[] array repeated over and over, not the data buffer specified in sptdwb.sptd.DataBuffer. Can anyone suggest what is wrong, or where to look for a solution? Thanks in advance, Garet Tag: PsSetCreateProcessNotifyRoutine Tag: 78047
  - 11
    - XP kernel builds Hi all. I don't know if this is the right forum for this question, in any case... I have a machine issuing a replicable BSOD in my driver, that I'm not able to replicate on other machines. This machine is running XP SP2 (well, WinDbg says it's SP2), UP kernel, and the file version of ntoskrnl.exe is 5.1.2600.2622 (xpsp.050301-1521) while my laptop (and other machines with a UP kernel) have ntoskrnl.exe version 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519). Does anyone here have any idea what is that kernel (xpsp.050301-1521) running on this machine?? Have a nice day GV Additional info (from Windbg) ----------------------------- BSOD machine: Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 2600.xpsp.050301-1521 My laptop: Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 2600.xpsp_sp2_gdr.050301-1519 Tag: PsSetCreateProcessNotifyRoutine Tag: 78046
  - 12
    - remove USB Device in C++ Hello I want to remove a USB device (external Disk) with a program in C++ knowing only the drive letter. Anybody can help me ?? Jeff Tag: PsSetCreateProcessNotifyRoutine Tag: 78043
  - 13
    - How to identify the driver that prevents the OS from hibernation? I'm occasionally getting error 0xc000009a, reporting that hibernation got disabled due to "insufficient resources". I suppose this is a driver issue, and I'm wondering how one can go about diagnosing it. It appears to be memory-related, it happens on a desktop with 4GB RAM and on a notebook with 2GB RAM, never on any of the machines with a smaller amount of memory. What could be the reasons for such behavior, and where to look for the evidence? Your advice would be appreciated. I've tried on different forums without any success. I'm running Win 2k3 EE + SP1. Krzys Tag: PsSetCreateProcessNotifyRoutine Tag: 78042
  - 14
    - MAC Addresses Returned By OID_WAN_PERMANENT_ADDRESS How does NDISWAN generate the MAC address returned through a query of OID_WAN_PERMANENT_ADDRESS or related OIDs? The low-order 4 bytes are always " RAS" while the high-order 2 bytes seem to be different on different laptops/desktops. For example, on one desktop these bytes are 0x2c-0x31, while on another they are 0x4A-0x47. Also, since NDISWAN is in the way and appears to spoof a MAC address for the underlying WAN device, does that device have it's own MAC address and is it accessible through any type of OID query? Thanks! Tag: PsSetCreateProcessNotifyRoutine Tag: 78040
  - 15
    - Port Monitor memory allocation I'm still fairly new to driver development, so please have patience with me if some of my questions may seem dumb... I've written a Port Monitor dll which is supposed to intercept print jobs, write them to disk and process them further. This is working the way it's supposed to, for the most part, but a problem I am having right now is that I'm not sure how to properly allocate memory properly. I tried several methods (malloc, GlobalAlloc, etc.) to allocate space for strings, for example, but they all seem to compromise stability, either leading to outright crashes, or leading to the Spooler process terminating quietly eventually. Only using something like fixed arrays of char seems to be stable, but ... well, I don't think I have to explain the drawbacks of having to specify the size of strings at compile time... Is there something I am missing? Are there any special rules for Printer Driver DLLs for allocating/freeing memory (besides the obvious one to make sure to free everything you allocate, which I am pretty sure I am already doing)? Tag: PsSetCreateProcessNotifyRoutine Tag: 78037
  - 16
    - Problem in Interrupt Handling on Vista Beta2 Hi All, I am developing the PCI based network(NDIS6.0) driver for Windows Vista Beta2. My driver is crashing as soon as my DpcForISR is returned. Everything goes fine, during interrupt handler registration with NDIS in Intialize routine. I am not using RSS mechanism in my driver. not specifying anything at TargetProcessors parameter of MPISR. When i put hardcode debugbreakpoint at the end of DpcForIsr and step into, MPISR is called again and goes properly.After this no more DpcForIsr and crash happens. I added debug messages when i step through , just before the bugcheck occurs for reference. **T100**====> MPIsr **T100**MPIsr: DisableInterrupt **T100**NICDisableIntr --> **T100**<-- NICDisableIntr **T100**<==== MPIsr InterruptRecognized 0x1 TestDrv!MPHandleInterrupt+0x33e: 9702dd40 5f pop edi kd> t TestDrv!MPHandleInterrupt+0x340: 9702dd42 5d pop ebp kd> t *** ERROR: Symbol file could not be found. Defaulted to export symbols for ndis.sys - ndis!NdisMSynchronizeWithInterruptEx+0x16c: 81b5de0e 83c638 add esi,0x38 kd> t ndis!NdisMSynchronizeWithInterruptEx+0x16f: 81b5de11 83c8ff or eax,0xffffffff kd> t ndis!NdisMSynchronizeWithInterruptEx+0x172: 81b5de14 f00fc106 lock xadd [esi],eax kd> t ndis!NdisMSynchronizeWithInterruptEx+0x176: 81b5de18 eb1f jmp ndis!NdisMSynchronizeWithInterruptEx+0x197 (81b5de39) kd> t ndis!NdisMSynchronizeWithInterruptEx+0x197: 81b5de39 5f pop edi kd> t ndis!NdisMSynchronizeWithInterruptEx+0x198: 81b5de3a 5e pop esi kd> t ndis!NdisMSynchronizeWithInterruptEx+0x199: 81b5de3b 5b pop ebx kd> t ndis!NdisMSynchronizeWithInterruptEx+0x19a: 81b5de3c 5d pop ebp kd> t ndis!NdisMSynchronizeWithInterruptEx+0x19b: 81b5de3d c21000 ret 0x10 kd> t nt!HalPrivateDispatchTable+0xd18: 814f2820 0100 add [eax],eax kd> t *** Fatal System Error: 0x0000000a (0x00000002,0xD0000002,0x00000001,0x814F2820) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. The debuggee is ready to run nt!DbgBreakPointWithStatus+0x4: 8144207c cc int 3 kd> t nt!DbgBreakPointWithStatus+0x5: 8144207d c20400 ret 0x4 kd> t nt!KeBugCheckEx+0x1b8: 814b631d eb65 jmp nt!KeBugCheckEx+0x21f (814b6384) kd> t nt!KeBugCheckEx+0x21f: 814b6384 8975fc mov [ebp-0x4],esi kd> t nt!KeBugCheckEx+0x222: 814b6387 837d0803 cmp dword ptr [ebp+0x8],0x3 Am I missing anything new in Beta2 regarding interrupt management.(I see this key in Registry). Vista Beta1 works fine. Any comments on above observations are welcome. Regards, Chiranjeevi. Tag: PsSetCreateProcessNotifyRoutine Tag: 78029
  - 17
    - Commercial component: joystick driver controlled by user software Hello, I'm look after a commercial joystick driver controlled by my application (determine the number of axis, determine the number of buttons, transmit axis values and button values). I thing, the virtual joystick driver possible is a combination of an joystick or game port minidriver and a opportunity to control this driver through IOControl or an ActiveX component etc. which I can order about my application. Why I look after such comonent is, about the defined DirectInput interface other applications should be able to get data from my application (process communication). I thinking, the DirectInput interface is the best combination with the kind of data, which should be exchange by this interface. And destination computers where my application will be installed, dosn't have a real physical joystick. Do anyone kow such component? Thanks and best regards, Hubert Tag: PsSetCreateProcessNotifyRoutine Tag: 78025
  - 18
    - Printer Installation APIs hi All, I am trying to figure out, that when a USB Printer or a parallel port printer gets installed on the system, then what all APIs (like AddPrinterDriver etc.) are called, and in what sequence. It will be great if some one can help me out with this. Thanks in advance. Pankaj Tag: PsSetCreateProcessNotifyRoutine Tag: 78023
  - 19
    - reg. frame descriptor of USB 1.1 video class specification Hi, YUV2 Packed data format It is mentioned that USB 1.1 video class specification supports YUV2 (uncompressed) packed data format. What does that mean? what type of packing is supported i.e., 1. Y-Cb-Y-Cr or 2. Y-Cr-Y-Cb or 3. Cb-Y-Cr-Y or 4. Cr-Y-Cb-Y Also, at the host side, how does it know which packing is supported as the Frame descriptor does not have any fields to mention about that? Frame Buffer Size One sample (pixel) is 16-bit size, suppose if the resolution is 1024 * 768 then the video buffer size would be 1024 * 768 * 2 (1.6 MB). Is this correct? The buffer allocation at the host side would be Y - 1024 * 768 * 1 (8 -bit) U - 1024 * 384 * 1 (8-bit) V - 1024 * 384 * 1 (8-bit) In total it is 1.6 MB. Is this correct? Minimum and Maximum Bit rates The two fields dwMinBitRate and dwMaxBitRate are not clear to me. How will you set the value for it? For Uncompressed data, will both contain the same value? Suppose I have a frame size of 1024 * 768 * 2 (as above) and 15 frames per second then the bit rate would be 1024 * 768 * 2 * 15. is this correct? Kindly provide me the answers asap. Thanks, Murali Tag: PsSetCreateProcessNotifyRoutine Tag: 78022
  - 20
    - The specified driver is invalid Hi, I patched this driver Steamdvr.sys. Now when Steam.exe tries to start Steamdvr.sys, it fails to start. Generating error code 2001 (ERROR_BAD_DRIVER) - The specified driver is invalid. Is there anything I missed to do to be able to start the driver? Steamdvr.sys is causing a BSOD when I run a game called Red Orchestra with Zone Alarm installed. So I patched Steamdvr.sys and wanted to test if my patch will resolve the BSOD. But the patched Steamdvr.sys refused to start. Any ideas will be highly appreciated. Thanks. Elos Tag: PsSetCreateProcessNotifyRoutine Tag: 78018
  - 21
    - Regarding WinDebugger Hello friends, i am new to this Devuce driver stuff, i am at the basic level. I just wanted some information regarding WinDebugger from microsoft. I have downloaded it from the microsoft web, but i am not getting exact idea, how to use it. If any one of u is having any good documentation of this, please send me the link. Thank You Yogi Tag: PsSetCreateProcessNotifyRoutine Tag: 78017
  - 22
    - Dynamically Loading/Unloading NDIS Drivers From USB Drive Is it possible to load/unload NDIS drivers (in this case, an NDIS IM driver) on XP and W2K from a USB drive without actually installing the driver (i.e., changing the registry)? I know one solution would be to install the driver using the INetCfg API as shown in BindView, but that would require an install through an .inf file with modifications made to the registry. I wanted to see if it's possible to dynamically load the driver and avoid the registry changes. Thanks! Tag: PsSetCreateProcessNotifyRoutine Tag: 78013
  - 23
    - Incorrect INF - Installer File ? Hallo! I have a driver, I would like to install with an INF Files because it is a PnP/WDM Driver. But when I want to install it via the Hardware-Manager, there is an error: ~"The specified place has no information about the hardware" The Hardware is plugged in. Here the content of the INF - File: [Version] Signature = "$Windows NT$" Class=Net ClassGUID={4d92c6ab-cfe1-42c8-a81b8b62ee20f9ad} Provider=%MarkusSoft% DriverVer= 4/4/2006 [DestinationDirs] treiber.Files.x86_12 = 12 [SourceDisksNames.x86] 0=%Desc_x860% [SourceDisksFiles.x86] driverbase.sys=0,.\treiber, [Manufacturer] %MarkusSoft%=MarkusSoft [MarkusSoft] %TreiberDesc%=Treiber_Inst,PCI\VEN_CEBA&DEV_2319 [Treiber_Inst.ntx86] CopyFiles = Treiber.Files.x86_12 [Treiber.Files.x86_12] driverbase.sys [Strings] MarkusSoft= "Markus Software" Desc_x860= "MARKUS" TreiberDesc= "Desc." The Files are in in the following structure: .\basisTreiber_install.inf .\treiber\driverbase.sys Does someone find a mistake in the INF? Or could this also be a problem of the SYS-File? Markus -- Markus09 ------------------------------------------------------------------------ Posted via http://www.codecomments.com ------------------------------------------------------------------------ Tag: PsSetCreateProcessNotifyRoutine Tag: 78009
  - 24
    - SetupCopyOemInf Failiure Hello, Attempting to install our printer driver on Windows XP Pro x64, SetupCopyOemInf() fails with error 87: The parameter is incorrect. The .INF is copied to the INF directory as OEM9.INF, and OEM9.PNF is created, which -- I believe -- is what is supposed to happen. The same .INF works properly with Add Printer Wizard. In the debugger, just after the pop-up about unsigned drivers, Continue Installation is selected, then an access violation occurs: mov [r15], eax ; ds:fffff97f`00000000=???????? The parameters to are: SetupCopyOemInf(szInf, 0, SPOST_PATH, 0, NULL, 0, 0, NULL); Also, I noticed that SETUPAPI.LOG shows a difference when installing via Add Printer Wizard and via our setup program. Add Printer Wizard: #W367 - "A valid signature ... .INF" for driver "Printers" will be installed ..." Our Setup program: #W367 - "A valid signature ... .INF" for will be installed..." The words 'driver "Printer"' are missing. Could this be a clue as to what SetupCopyOemInf() is failing on? Thanks in advance. Tag: PsSetCreateProcessNotifyRoutine Tag: 78008
  - 25
    - Does the system automatically disable drivers? Are there situations when the system will automatically disable (i.e. set Start to SERVICE_DISABLED) a legacy driver configured as a system-start driver? Mike Tag: PsSetCreateProcessNotifyRoutine Tag: 78004
- Next
  - 1
    - OID_TCP_TASK_OFFLOAD In DDK doc is written: "If an intermediate driver modifies the contents of TCP packets that it forwards down to an underlying miniport driver such that TCP offload functions cannot be performed on the packets, the intermediate driver should respond to OID_TCP_TASK_OFFLOAD queries with a status of NDIS_STATUS_NOT_SUPPORTED instead of passing the request down to the underlying miniport." I dont understand what modification can it be ? For example IM driver that has implemented NAT. IP addresses and ports are changed, NdisSend() is called and miniport takes packet, calculates checksum and send it. I dont see any difficulty with calculating checksums by miniport on such NAT-ed packets. Or is there mean other type of modifications ? Peter Tag: PsSetCreateProcessNotifyRoutine Tag: 78003
  - 2
    - How is WMI better I am trying to understand and use WMI for last two months. I am new to this. I am not able to convince myself why WMI is easier than directly talking to application or driver. Can someone give reference or examples that will justify this. Thanks Tag: PsSetCreateProcessNotifyRoutine Tag: 77986
  - 3
    - Verifying Digital Signature Hi folks, I am trying to write a little tool in which I can verify digital signature of system files in c#. Of course SIGVERIF does the same thing but I can not use that for certain reasons. Any input will be appreciated. Thanks Ravelstein Tag: PsSetCreateProcessNotifyRoutine Tag: 77984
  - 4
    - Dual SATA Disk Drive Issue Experiencing a problem with a SATA disks attached to a dual SATA disk Raid Controller. Posting here because it has happend with two different devices. Generating approximately 800,000 files and the entire machine locks up with insufficient resources error (0xc000009A). The files are generated as fast as possible, basically: do { name = getNewFilename() file = new File(name) file.write(data) file.close() } while(true) This did not happen while writing to a SATA drive attached via the mother board and controlled by the system bios. So given this has happened on two different controllers I was wondering if this is a problem with the class driver interface? System Configuration OS Version: Windows XP Pro Service Pack 2. CPU Type: Intel Pentium 4 3GHz (Intel Chipset 630) Memory: 1GByte DDR 400 Hard Drives: 3 X Western Digital Caviar 250GB SATA2 16MB (WDC WD1600JS-75NCB1) Transfer Type: SATA SATA Raid Controller: A-181 SiI 3x12 SATA PCI 2-Port Raid Card and Adaptec AStl-1205 SA 2pt SATA Both the SATA controllers above generate this problem repeatably. Tag: PsSetCreateProcessNotifyRoutine Tag: 77981
  - 5
    - The reposibilities of DrvCopyBits() In a monlithic printer driver development for laser printers ,if the DrvCopyBits() has to be implemented what the functions or operation that needs to be performed by this function? or the responsibilities of DrvCopyBits() function in printer driver. Tag: PsSetCreateProcessNotifyRoutine Tag: 77977
  - 6
    - Driver Globals Dear all, Am I right in thinking that globals in a driver are by default non-pageable? Thanks in advance, Carly Tag: PsSetCreateProcessNotifyRoutine Tag: 77976
  - 7
    - When to use memory mapped io register? Hello all, I am a new device driver developer and hope that someone can help on the memory mapped io register. I am working on a new chipset which is recently supporting memory mapped io space feature. For earlier chipset, this feature was not available. To bad to say that my team members have not experienced in memory mapped io register. Therefore, we are not sure when to use memory mapped io register or read the io register from the pci config space instead. If someone can give some advices, that will be great. Thank you. HS Tag: PsSetCreateProcessNotifyRoutine Tag: 77964
  - 8
    - Registration Hi! I need to register a virtual serial port so that it can be enumerated with SetupAPI. As far as I understand, this can be achieved by exposing an interface towards the device using IoRegisterDeviceInterface. This function, however, fails for me. This is what I do: IoCreateDevice(DriverObject, sizeof(MY_EXTENSION), &Name FILE_DEVICE_SERIAL_PORT, 0, TRUE, &DeviceObject); // Check status etc IoRegisterDeviceInterface(DeviceObject, &GUID_CLASS_COMPORT, NULL, &ext->SymLinkName); This does not succeed, but instead returns status = 0xC0...10 (invalid PDO). What could cause this? The serial port works, i.e. it is possible to open, close, read, write etc, but the interface registration fails. Thanks in advance, Nille Tag: PsSetCreateProcessNotifyRoutine Tag: 77954
  - 9
    - Capturing bits copied beyond primary display in a mirror driver Hi, I'm trying to mirror the output of a BitBlt executed in user mode at a position beyond the primary display (1024,0) in a mirror driver. The user application executes the following code: // initialize DEVMODE DEVMODE devmode; FillMemory(&devmode, sizeof(DEVMODE), 0); devmode.dmSize = sizeof(DEVMODE); devmode.dmFields = DM_BITSPERPEL | DM_PELSWIDTH | DM_PELSHEIGHT | DM_POSITION; devmode.dmBitsPerPel = 32; devmode.dmPelsWidth = 50; devmode.dmPelsHeight = 50; devmode.dmPosition.x = 1024; devmode.dmPosition.y = 0; // change display settings int code = ChangeDisplaySettingsEx(deviceName, &devmode, NULL, CDS_UPDATEREGISTRY, NULL); code = ChangeDisplaySettingsEx(deviceName, &devmode, NULL, 0, NULL); HDC hdc = CreateDC("DISPLAY", deviceName, NULL, NULL); // we should be hooked as layered at this point HDC hdc2 = CreateCompatibleDC(hdc); // call DrvCreateDeviceBitmap HBITMAP hbm = CreateCompatibleBitmap(hdc, 50, 50); SelectObject(hdc2, hbm); // blt 50x50 to destination 1024,0 BitBlt(hdc2, 0, 0, 50, 50, hdc, 1024, 0, SRCCOPY); Using WinDbg, I can verify that DrvBitBlt function (hooked in the kernel driver) was not being called in response to BitBlt. However, changing devmode.dmPosition.x to 0 resulted in the calls being routed to DrvBitBlt. Can anyone explain what is missing from the above code? Any suggestions are much appreciated. Tag: PsSetCreateProcessNotifyRoutine Tag: 77945
  - 10
    - Kernel mode to user mode communication Hi, I am developing a mini filter using the Microsoft IFS kit. My mini filter communicates with a user mode service which contains certain business logic. I have written the user mode service as a Windows NT service. The communication is done using the standard api's like FltCreateCommunicationPort, FilterConnectCommunicationPort, FilterSendMessage and FilterReplyMessage etc. Can the user mode service (not necessarily an NT service) be written in any other language such as Java? I mean, is it possible for the mini filter to communicate with a user mode service written in any other language then c++? Can the service written in other language such as Java, perl call the functions FilterConnectCommunicationPort, FilterReplyMessage etc.? Another approach could be that the user mode service written in Java can some how connect to the communication port created by the mini filter and read the raw data that is posted on it by the minifilter (assuming there is some standard format for the data posted by the Windows api's)? Is this feasible. (1st problem I face is I cannot connect to the port using its name '\\TestPort'). I would choose Java so that my application is portable across other OS, where I will just have to port the mini filter portion while the user mode application remains the same. Thanks in advance, Vishal Tag: PsSetCreateProcessNotifyRoutine Tag: 77944
  - 11
    - NDIS filter installation issue Hello, I have wrote a NDIS intermediate filter (NDIS 5.0) based on the passthru filter sample code, and I sometime run into an odd issue when installing the driver. The installation will be going fine (Windows asks me to confirm that I want to install that unsigned driver) and I can see the driver listed in the "Items list" of the computer network connection, but the driver doesn't work, it's driver entry function DriverEntry() isn't even called. This seems to occurs if I install/uninstall the driver a couple of times. If the computer is rebooted before re-installing the driver, it work fine. Thanks for any tips/advices. Cheers, Tag: PsSetCreateProcessNotifyRoutine Tag: 77943
  - 12
    - Device Path Exerciser HCT test Hello, I am running the "Device Path Exerciser" HCT test and i find out that this test is listing other drivers than the one of the printer i am testing. The test pases but the driver in the 'drivers list' of that test is not the same as the driver of my printer (for which i am running the HCT test). Is this normal? Do you have any suggestions? Thanks for your help. Tag: PsSetCreateProcessNotifyRoutine Tag: 77932
  - 13
    - Norti Network Functions Hi, do Norti provide any functions for creating,binding and accepting connections.If so, what are they or is there any document in which they are explained. Tag: PsSetCreateProcessNotifyRoutine Tag: 77931
  - 14
    - usb video class device(uncompressed video format) Hi, We are developing usb video class device(uncompressed video format). I read video class specification 1.1 but few descriptor feilds are not clear. 1)Class-specific VS Frame Descriptor: dwMinBitRate dwMaxtRate dwMaxVideoFrameBufferSize dwDefaultFrameInerval dwMinFrameInterval dwMaxFrameInterval wFrameIntervalStep Class-specific VS Frame Descriptor ----------------------------------------------------- Offset Field Size Value Description ------------------------------------------------------------------------ 0 bLength 1 0x26 Size of Descriptor 1 bDescriptorType 1 0x24 CS_INTERFACE 2 bDescriptorSubtype 1 0x05 VS_FRAME_UNCOPMRESSED 3 bFrameIndex 1 0x01 Index of this descriptor 4 bmCapabilities 1 0x03 Capabilities 5 wWidth 2 0x0400 Width of decoded frame in pixel 7 wHeight 2 0x0300 Height of decoded frame in pixel 9 dwMinBitRate 4 0xXXXX Min transmit bit rate 13 dwMaxtRate 4 0xXXXX Max transmit bit rate 17 dwMaxVideoFrameBufferSize 4 0xXXXX Video frame size 21 dwDefaultFrameInerval 4 0xXXXX Frame interval 25 bFrameIntervalType 1 0x00 How frame interval can be programmed (continuous) 26 dwMinFrameInterval 4 0xXXXX Shorted frame interval Supported 30 dwMaxFrameInterval 4 0xXXXX Longest frame interval supported 34 dwFrameIntervalStep 4 0xXXXX Granularity of frame interval 2)Class-specific VC Interface Descriptor dwClockFrequency (is this usb controller freq.?) I have gone through all video class specification 1.1 documents......but still those descriptor fields are not clear to me.Please help me. Thanks, Montu Tag: PsSetCreateProcessNotifyRoutine Tag: 77930
  - 15
    - usb video class device(uncompressed video format) Hi, We are developing usb video class device(uncompressed video format). I read video class specification 1.1 but few descriptor feilds are not clear. 1)Class-specific VS Frame Descriptor: dwMinBitRate dwMaxtRate dwMaxVideoFrameBufferSize dwDefaultFrameInerval dwMinFrameInterval dwMaxFrameInterval wFrameIntervalStep Class-specific VS Frame Descriptor ----------------------------------------------------- Offset Field Size Value Description ------------------------------------------------------------------------ 0 bLength 1 0x26 Size of Descriptor 1 bDescriptorType 1 0x24 CS_INTERFACE 2 bDescriptorSubtype 1 0x05 VS_FRAME_UNCOPMRESSED 3 bFrameIndex 1 0x01 Index of this descriptor 4 bmCapabilities 1 0x03 Capabilities 5 wWidth 2 0x0400 Width of decoded frame in pixel 7 wHeight 2 0x0300 Height of decoded frame in pixel 9 dwMinBitRate 4 0xXXXX Min transmit bit rate 13 dwMaxtRate 4 0xXXXX Max transmit bit rate 17 dwMaxVideoFrameBufferSize 4 0xXXXX Video frame size 21 dwDefaultFrameInerval 4 0xXXXX Frame interval 25 bFrameIntervalType 1 0x00 How frame interval can be programmed (continuous) 26 dwMinFrameInterval 4 0xXXXX Shorted frame interval Supported 30 dwMaxFrameInterval 4 0xXXXX Longest frame interval supported 34 dwFrameIntervalStep 4 0xXXXX Granularity of frame interval 2)Class-specific VC Interface Descriptor dwClockFrequency (is this usb controller freq.?) I have gone through all video class specification 1.1 documents......but still those descriptor fields are not clear to me.Please help me. Thanks, Montu Tag: PsSetCreateProcessNotifyRoutine Tag: 77929
  - 16
    - usb video class device(uncompressed video format) Hi, We are developing usb video class device(uncompressed video format). I read video class specification 1.1 but few descriptor feilds are not clear. 1)Class-specific VS Frame Descriptor: dwMinBitRate dwMaxtRate dwMaxVideoFrameBufferSize dwDefaultFrameInerval dwMinFrameInterval dwMaxFrameInterval wFrameIntervalStep Class-specific VS Frame Descriptor ----------------------------------------------------- Offset Field Size Value Description ------------------------------------------------------------------------ 0 bLength 1 0x26 Size of Descriptor 1 bDescriptorType 1 0x24 CS_INTERFACE 2 bDescriptorSubtype 1 0x05 VS_FRAME_UNCOPMRESSED 3 bFrameIndex 1 0x01 Index of this descriptor 4 bmCapabilities 1 0x03 Capabilities 5 wWidth 2 0x0400 Width of decoded frame in pixel 7 wHeight 2 0x0300 Height of decoded frame in pixel 9 dwMinBitRate 4 0xXXXX Min transmit bit rate 13 dwMaxtRate 4 0xXXXX Max transmit bit rate 17 dwMaxVideoFrameBufferSize 4 0xXXXX Video frame size 21 dwDefaultFrameInerval 4 0xXXXX Frame interval 25 bFrameIntervalType 1 0x00 How frame interval can be programmed (continuous) 26 dwMinFrameInterval 4 0xXXXX Shorted frame interval Supported 30 dwMaxFrameInterval 4 0xXXXX Longest frame interval supported 34 dwFrameIntervalStep 4 0xXXXX Granularity of frame interval 2)Class-specific VC Interface Descriptor dwClockFrequency (is this usb controller freq.?) I have gone through all video class specification 1.1 documents......but still those descriptor fields are not clear to me.Please help me. Thanks, Montu Tag: PsSetCreateProcessNotifyRoutine Tag: 77928
  - 17
    - How to force AllocateCommonBuffer in the lower 4Gbytes Dear All, My driver is for a PCI device for which I use teh Dma adapter objects for the Dmas. Thanks to the AllocateCommonBuffer api, I allocate a contiguous buffer that receives the scatter-gather descriptors. For my PCI bridge, they are in the form: - Low Physical Address (32 bits) - High Physical Address (32 bits) - Page size (32 bits) - Next Descriptor pointer (32 bits) All this works very well. The thing is we now need to extend the PC memory to more than 4Gbytes using the /PAE extension (we're still using 32 bits OSs). The descriptors are OK for the data since they are 64 bits compatible BUT the pointers on the descriptors (First and Next Descriptor pointer) ARE 32 bits. This mean that the common buffer SHOULD mandatory be allocated in the lower 4Gbytes of the memory. My questions are the following: - Is this done by the AllocateCommonBuffer api automatically (because this is a common behaviour and not a big constraint)? - Otherwise is there a mean to inform the Dma adapter of such a behaviour? - Or should I allocate the common buffer by hand using something like MmAllocateContiguousMemory + ...? Many thanks in advance and have a nice day, Francois. Tag: PsSetCreateProcessNotifyRoutine Tag: 77927
  - 18
    - hard drive issues i have a hard drive larger than 137 gb but windows xp only recognizes 127 what can i do to fix this can any one help me. Tag: PsSetCreateProcessNotifyRoutine Tag: 77926
  - 19
    - USB HDD Power Management ICAgICAgICBJdCB0dXJucyBvdXQgdGhhdCBVU0IgaGFyZCBkaXNrcyBkbyBub3Qgc3ViamVjdCB0 byBwb3dlciBtYW5hZ2VtZW50IHBvbGljaWVzKHNodXR0aW5nIGRvd24gd2hlbiBpZGxlKQ0KaW4g WFAuIElzIGl0IGEgbWlzY29uZmlndXJhdGlvbiBvciBwb3dlciBtYW5hZ2VtZW50IGRvZXMgbm90 IGFmZmVjdCBVU0IgSEREcy4NCiAgICAgICAgSSBhbSBzb3JyeSB0byBwb3N0IGl0IGhlcmUgYnV0 IHRoZXJlIGRvZXNuJ3QgYXBwZWFyIHRvIGEgZGlzY3Vzc2lvbiBib2FyZCBhYm91dCBwb3dlciBt YW5hZ2VtZW50IGlzc3Vlcy4NCg0KUmVnYXJkcw== Tag: PsSetCreateProcessNotifyRoutine Tag: 77924
  - 20
    - some functions information in Norti hi all, do Norti provide any functions for socket initialisation. Like i want to know is functions like bind,socket initialisation etc. are mapped in Norti. If so the plz list me those or is there any document on that. Tag: PsSetCreateProcessNotifyRoutine Tag: 77919
  - 21
    - Intermediate drivers binding issues Hi all, I am having trouble getting my intermediate NDIS driver to work with Nortel VPN client and a SiS network card. When Nortel VPN and my driver are installed, and all bindings are in place, the PC (2003 box) gets a blue screen on booting. After reading this: http://support.microsoft.com/default.aspx?scid=kb;en-us;250615 I used the registry, device manager (showing hidden cards) and the DDK's bindview to try and figure out what's going on with bindings on my system. >From what I see Nortel has an intermediate driver that binds to the SiS card. My intermediate also binds to the SiS card, but it seems those two bindings work well together (My filter class is scheduler and Nortel's intermediate is failover so it should be OK). The problem is, that besides the intermediate driver, Nortel also has what seems to behave like an adapter, and goes by the display name of "Nortel IPSECSHM Adapter". My intermediate binds to this device, and that causes the blue screen. When I go to safe mode and disable that binding, the box boots OK. I couldn't understand what that adapter actually is, in device manager and in bindview it shows up as a regular adapter. Its behavior somewhat resembles that of "WAN Miniport (IP)", to which my intermediate does not bind. How can I instruct my intermediate driver not to bind to Nortel IPSECSHM Adapter? Thanks Hillel. Tag: PsSetCreateProcessNotifyRoutine Tag: 77918
  - 22
    - Help with an idea about printer driver strategy please! Hi All ! I need to create a virtual printer driver that will redirect the output to another installed printer in system. Depends of the information on the printed page, I need to add a watermark.This watermark is determined by the existing of one word located anywhere in the page (at start, middle or end). Worst, all of this should be done in PCL. If this was PS there I saw a command to inject some ps code. But in PCL... nothing found. I solved this solution keeping in memory a copy of the page and at the each end of page of the printerjob I send it to the another printer. My problem is that: the memory occupied by this solution to print a page is around of 40 MB at 600x600 resolution. And this because I save every band in memory. I saw that a lot of programs are printing using maximum 100K for the same page where I spend 40MB. What strategy should I apply in order to solve this problem ? I need just an idea. Thanks in advance, Radu Cosoveanu. Tag: PsSetCreateProcessNotifyRoutine Tag: 77913
  - 23
    - SDIO client driver not working with windows mobile 5.0 PDAs Hai, I've a SDIO client driver which is working fine with all pocket pc 2003 PDAs. But when it comes to Windows Mobile 5.0 PDAs, i've various problems. When i install the client driver (built using PB 5.0 ArmV4i)it notifies me with a message "Starting this program requires a component from an unknown publisher, you should start the program only if you trust the component's publisher. Do you want to continue?" even on giving "yes" it gets unloaded. Why does such a message appear for windows mobile 5.0 pdas? I'm not able to install the debug version of the SD bus driver to get the bus traces. Is there any special procedure or driver to get bus driver traces for these pdas?? When i try to replace the sdmemory dll(using active sync) with the sdmemory dll compiled using PB5.0 ARMV4i it gives me a access denied error. But when i try install the driver by creating a setup.exe it gets installed but it not getting loaded. Is windows mobile 5.0 and windows mobile 2005 are same or different? Please somebody help me in this regard. Regards, Prabha. Tag: PsSetCreateProcessNotifyRoutine Tag: 77910
  - 24
    - APC_INDEX_MISMATCH I met following error. It occurres only sometimes in calling DeviceIoControl() to my IM ndis driver with different control codes, not reproducable How can I to solve this problem ? APC_INDEX_MISMATCH (1) This is a kernel internal error which can occur only on a checked build. The most common reason to see such a bugcheck would occur when a filesystem had a mismatched number of KeEnterCriticalRegion calls compared to KeLeaveCriticalRegion calls. This check is made on exit from a system call. Arguments: Arg1: 812f984a, address of system function (system call) Arg2: 00000000, Thread->ApcStateIndex << 8 | Previous ApcStateIndex Arg3: 0000ffff, Thread->KernelApcDicable Arg4: 00000000, Previous KernelApcDisable Tag: PsSetCreateProcessNotifyRoutine Tag: 77905
  - 25
    - where can I get a virtaul video camera example code hi , I want make a virtaul video camera driver , I have seek via net , but so far I can not find it . anyone can help me , where I can get the example code of the virtual camera driver ? or can u give me some guide to implement it ? thanks a lots . Tag: PsSetCreateProcessNotifyRoutine Tag: 77904

Hi,

When my driver receives a notification that a process has been created, is
the process held in a suspended state until the notification handler routine
completes?

Or is the notification asynchronous?

Thanks,
Rich

Re: PsSetCreateProcessNotifyRoutine by Don

Don
Thu Apr 06 10:19:26 CDT 2006

The notification occurs as part of the process setup. Actually you are
called before any threads are created (they are created by the thread that
is calling the callbacks later in the process). Now some problems with the
call, the process is not in the process table, so refering to the pid at
this point is not going to work for things like a user space OpenProcess
call. Also, depending on what the parents permissions were and the way
thing are created you may find that the is essentially no permissions on the
process object making it impossible to terminate or do anything useful with
it.

--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

"Rich S." <RichS@discussions.microsoft.com> wrote in message
news:86B677EC-F935-45B1-848E-AFB94D908EDE@microsoft.com...
> Hi,
>
> When my driver receives a notification that a process has been created, is
> the process held in a suspended state until the notification handler
> routine
> completes?
>
> Or is the notification asynchronous?
>
> Thanks,
> Rich

Re: PsSetCreateProcessNotifyRoutine by RichS

RichS
Thu Apr 06 11:18:02 CDT 2006

"Don Burn" wrote:

> The notification occurs as part of the process setup. Actually you are
> called before any threads are created (they are created by the thread that
> is calling the callbacks later in the process). Now some problems with the
> call, the process is not in the process table, so refering to the pid at
> this point is not going to work for things like a user space OpenProcess
> call. Also, depending on what the parents permissions were and the way
> thing are created you may find that the is essentially no permissions on the
> process object making it impossible to terminate or do anything useful with
> it.

Thanks for your reply, Don. Does this mean that this method is a dead end
if I want to be able to inject a DLL into the given process?