It’s a resource reference. That means “string resource 1000 in the DLL Wdf01000.sys”. If you open the binary in Visual Studio, you’ll see that it is “Kernel Mode Driver Frameworks service”. The same notation is commonly used to point to icons.
Also, many have an additional subkey called Security with a value Security REG_BINARY
These are binary security descriptors of service objects. SDs of files and registry keys are persisted on disk with these objects. Service objects are volatile and their SD are persisted in these binary values.
– pa
Also, many have an additional subkey called Security with a value Security REG_BINARY
These are binary security descriptors of service objects. SDs of files and registry keys are persisted on disk with these objects. Service objects are volatile and their SD are persisted in these binary values.
– pa
Thanks Pavel. How does one go about setting them? I assume it is through the INF? Is there a way to set it if a driver is installed using CreateService?
@Tim_Roberts said:
It’s a resource reference. That means “string resource 1000 in the DLL Wdf01000.sys”. If you open the binary in Visual Studio, you’ll see that it is “Kernel Mode Driver Frameworks service”. The same notation is commonly used to point to icons.