Driver modification

Hello,

I’m modifying WinXP Kernel mode device driver and it can’t be started when modified. I changed text part so this is not noobie mistake.
I tried to change another sys-file (driver) and it starts properly when modified.

What mechanism prevents Service manager from starting modified Kernel mode driver?

To minimize impact of 3rd softwares, I used “serviwin.exe”. The Error message is:
“Error 2001: The specified driver is invalid.”

Axel.

think you not modify CheckSum. as result and error.

Axel Lahti wrote:

I’m modifying WinXP Kernel mode device driver and it can’t be started
when modified. I changed text part so this is not noobie mistake.
I tried to change another sys-file (driver) and it starts properly when
modified.

Do you literally mean you are editing the executable files? For what possible purpose? If you are modify in-the-box files, that’s incredibly delicate, because the files change over releases, service packs, and hotfixed.

What mechanism prevents Service manager from starting modified Kernel
mode driver?

Well, it’s not really Service Manager. There is a checksum field in the PE header. The user-mode loader ignores that checksum, but the kernel-mode loader will not load a kernel module where the checksum does not match. You can use Editbin /Release to fix the checksum.

Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.