Windows Driver Development

  • C candogu

    Hi, I want to start to develop windows drivers which are not device drivers I got a task and I need to make a hidden or non killable system watcher for my business this driver will only control my another process is alive if it is not alive it will give the system a shut down or driver will hide my application or when the user tries to kill my application driver will give Access is denied (For all users including Administrators) message and I know C, C++, C# at intermediate level I decided to begin developing in C++. Which IDE should I use?, Where should I start from? I have to do this I am not a virus developer or something like that Thanks.

    Lost User wrote (#9):

    candogu wrote:

    Where should I start from

    Given your description of what you want to do, a real good start would be to redesign your system. An "unkillable" process is a bad design to start with.

    candogu wrote:

    I have to do this

    You might have been told to do this by a client or supervisor but that does not mean that you should do it.

    Why is common sense not common? Never argue with an idiot. They will drag you down to their level where they are an expert. Sometimes it takes a lot of work to be lazy Individuality is fine, as long as we do it together - F. Burns

    • L Lost User

      You need to use C. Don't use C++, it isn't supported in the kernel. You need to write a File System mini filter and fail the IRP_MJ_CLOSE when it is for your application. Doing this is devilishly complex, and you would be best to hand this over to an experienced company to do with you working closely with them. That way you learn and your product gets developed. If you try this as a novice, you are almost destined to fail, some years down the road. If you think ordinary device drivers are hard to write, then at least there are plenty of books for them. File System drivers are virtually undocumented. Oh, and there isn't an IDE. You have to use the 'build' macro from the DDK (WD as it is called today). So you can use any text editor you like. I use VS, but that's just by habit.

      ============================== Nothing to say.

      candogu wrote (#10):

      I appreciate your answer. Thank you for your attention.

      • L Lost User

        candogu wrote:

        I need to make a hidden or non killable system watcher

        candogu wrote:

        will give Access is denied (For all users including Administrators)

        Thus preventing any user or administrator from being able to control their own system.

        candogu wrote:

        I am not a virus developer or something like that

        I can see no other reason that you would want to do this.

        Unrequited desire is character building. OriginalGriff I'm sitting here giving you a standing ovation - Len Goodman

        candogu wrote (#11):

        U can see what u want. Yes I am lying what is gonna happen??? I am the biggest virus developer in whole world? Are u happy now?

        • Richard Andrew x64

          Is your keyboard missing its punctuation keys?

          The difficult we do right away... ...the impossible takes slightly longer.

          candogu wrote (#12):

          This is EXACTLY what I need, thank you for your answer...

          • L Lost User

            candogu wrote:

            I need to make a hidden or non killable system watcher

            candogu wrote:

            will give Access is denied (For all users including Administrators)

            Thus preventing any user or administrator from being able to control their own system.

            candogu wrote:

            I am not a virus developer or something like that

            I can see no other reason that you would want to do this.

            Unrequited desire is character building. OriginalGriff I'm sitting here giving you a standing ovation - Len Goodman

            Lost User wrote (#13):

            It is only going to block one application from being stopped. Of course he can have a user created whose SID is allowed to close that exe so control can be maintained. In fact I have done this kind of thing with security SW. Certain apps and areas of the registry have access blocked, launching of applications is limited to certain users or groups, typical security stuff.

            ============================== Nothing to say.

            • L Lost User

              It is only going to block one application from being stopped. Of course he can have a user created whose SID is allowed to close that exe so control can be maintained. In fact I have done this kind of thing with security SW. Certain apps and areas of the registry have access blocked, launching of applications is limited to certain users or groups, typical security stuff.

              ============================== Nothing to say.

              Lost User wrote (#14):

              Yes, but I have a sneaking suspicion that you actually understand the mechanics and implications of doing something like this. :)

              Unrequited desire is character building. OriginalGriff I'm sitting here giving you a standing ovation - Len Goodman

              • L Lost User

                You need to use C. Don't use C++, it isn't supported in the kernel. You need to write a File System mini filter and fail the IRP_MJ_CLOSE when it is for your application. Doing this is devilishly complex, and you would be best to hand this over to an experienced company to do with you working closely with them. That way you learn and your product gets developed. If you try this as a novice, you are almost destined to fail, some years down the road. If you think ordinary device drivers are hard to write, then at least there are plenty of books for them. File System drivers are virtually undocumented. Oh, and there isn't an IDE. You have to use the 'build' macro from the DDK (WD as it is called today). So you can use any text editor you like. I use VS, but that's just by habit.

                ============================== Nothing to say.

                JackDingler wrote (#15):

                Uhm, C++ isn't supported in the kernel? I think you mean that MFC isn't supported in the kernel. The Kernel doesn't know anything about the original source the binaries are created from.

                • C candogu

                  Hi, I want to start to develop windows drivers which are not device drivers I got a task and I need to make a hidden or non killable system watcher for my business this driver will only control my another process is alive if it is not alive it will give the system a shut down or driver will hide my application or when the user tries to kill my application driver will give Access is denied (For all users including Administrators) message and I know C, C++, C# at intermediate level I decided to begin developing in C++. Which IDE should I use?, Where should I start from? I have to do this I am not a virus developer or something like that Thanks.

                  JackDingler wrote (#16):

                  When you're done with this, would you please post your experiences in debugging an unkillable process?

                  • L Lost User

                    Yes, but I have a sneaking suspicion that you actually understand the mechanics and implications of doing something like this. :)

                    Unrequited desire is character building. OriginalGriff I'm sitting here giving you a standing ovation - Len Goodman

                    Lost User wrote (#17):

                    I do. I used to work for a firm who made security products. :)

                    ============================== Nothing to say.

                    • J JackDingler

                      Uhm, C++ isn't supported in the kernel? I think you mean that MFC isn't supported in the kernel. The Kernel doesn't know anything about the original source the binaries are created from.

                      Lost User wrote (#18):

                      No, I mean C++ isn't supported, as in supported by Microsoft if you have a problem and go to them. Of course you can run C++ derived code, you just need to be careful about what features you use.

                      ============================== Nothing to say.
