- How to launch process from a Kernel Mode Driver
- Posted by Phil on February 4th, 2004
I have a Kernel Mode driver (a keyboard filter driver). I want to do a "CreateProcess" from the driver. How can this be done? If it can't, any advice on how to accomplish the same effect? As a contrived example, how could I launch notepad.exe from the filter driver.
TIA, phil
- Posted by Don Burn on February 4th, 2004
It cannot not be done directly from a driver. You will need a helper
service to launch the application.
--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply
"Phil" <anonymous@discussions.microsoft.com> wrote in message
news:B47ADE72-6103-4866-8CD4-7617A5430FA3@microsoft.com...
advice on how to accomplish the same effect? As a contrived example, how
could I launch notepad.exe from the filter driver.
- Posted by Brian Catlin on February 5th, 2004
"Don Burn" <burn@stopspam.acm.org> wrote in message
news:1022us2edn1co35@corp.supernews.com...
I think that statement is a bit too strong. How about "creating a process from
a driver is not supported"? Clearly, if you know enough about the system, just
about anything is possible
-Brian
Brian Catlin, Sannas Consulting 310-944-9492
Windows Network, Video, WDM Device Driver Training & Consulting
See WWW.AZIUS.COM.bad for courses and scheduling
REMOVE .BAD FROM EMAIL AND WEB ADDRESS
- Posted by Tim Roberts on February 6th, 2004
"Brian Catlin" <brianc@sannas.org.bad> wrote:
Although your statement might be factually accurate, it is not helpful.
Don's answer is exactly the right one for a newsgroup like this.
Anyone who asks that kind of question almost certainly does not know enough
about Windows to hack something like that successfully, and will generate
nothing but trouble, crashes, and more weird questions. On the other hand,
by following the rules and using a user-mode service, they can actually
achieve successful results.
--
- Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc
