FSFD start time

Hi.
I am still working in a File System Filter Driver for virus prevention. I was testing it in Windows 2000.
I set it to start with this options:

Start : 0 (BOOT_START)
Type : 2 (File System Driver)
ImagePath : “\SystemRoot\System32\Drivers\Filefil.sys”
Group : “Filter”

I set it this way because I use “IoRegisterFsRegistrationChange” to attach to every File System when it is loaded. Then my driver must be loaded before any File System Driver. It works ok in my Win2000 PC, but I can’t load it in a WNT system, I could load it in a WXP PC, but there is another one (with WXP) where it doesn’t get loaded neither.

According to the Rajeev Nagar’s example, the driver should be loaded at boot start with group “File System”. But doing that way it doesn’t attach to the file system driver for the first partition of harddisk 1. That’s why I put it in group “Filter”.

If anyone knows why this happens, please tell me.

You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

>Start : 0 (BOOT_START)

Type : 2 (File System Driver)
ImagePath : “\SystemRoot\System32\Drivers\Filefil.sys”
Group : “Filter”

This worked fine on NT4 for me, but…
Do not use \SystemRoot… for a boot driver. The symlink is not there at this moment.

Just name the .SYS the same name as the SC database subkey and put it to system32\drivers. Do not use ImagePath at all. This works.

Also I have some doubts in Type field, IIRC it was 4 for me.

Max

You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com