It’s better to just say SHUT the F UP
— On Thu, 17/2/11, Gary G. Little wrote:
From: Gary G. Little
Subject: Re: [ntdev] Getting Current Driver path
To: “Windows System Software Devs Interest List”
Date: Thursday, 17 February, 2011, 4:48
#yiv134645619 p {margin:0;}Dude, before one attempts to get insulting in a second language, one really should study the idioms used in that language, as well as learn how to type using that languages keyboard. Your repartee is simply … ludicrous. What in the hell did you PUMP??? Frankly, at my age, I doubt I would CARE what you PUMPED …
Oh yeah … I’ll see you 10 and raise you 30.
Gary G. Little
----- Original Message -----
From: “mehdi yaghobi”
To: “Windows System Software Devs Interest List”
Sent: Thursday, February 17, 2011 3:16:09 AM
Subject: Re: [ntdev] Getting Current Driver path
I hate people who think know too much and they think each asker is newbie and they think they detect them so easily. I said I did wrong by asking question.
P.S. I already PUMPED my 10+ years in you. Enjoy it
— On Wed, 16/2/11, Prokash Sinha wrote:
From: Prokash Sinha
Subject: Re: [ntdev] Getting Current Driver path
To: “Windows System Software Devs Interest List”
Date: Wednesday, 16 February, 2011, 22:20
What is your problem???
No one in this list begging you to ask question !!!.
You asked one on your own, and you got quite a few good answers from experts on this
list.
Pump your 10+ years experience thru your rear end and shut the F up… OK???
-pro
On Feb 16, 2011, at 9:16 PM, mehdi yaghobi wrote:
That’s not important, I was able to do it all, I just wanted for ready made codes, just don’t think you know too much, don’t behave like you are expert, I know that all, no need to mention, I did mistake by asking. That’s all. Yes, I don’t read DOCS and SAMPLES, I don’t have enough time, I look in google or ask in maillist and wait for a ready made sample source code (if exist) if not I write it myself, no time to check those LONG docs and a lot of examples.
— On Wed, 16/2/11, Mark Roddy wrote:
From: Mark Roddy
Subject: Re: [ntdev] Getting Current Driver path
To: “Windows System Software Devs Interest List”
Cc: “Martin O’Brien”
Date: Wednesday, 16 February, 2011, 14:27
It was a fascinating thread though.
Mark Roddy
On Wed, Feb 16, 2011 at 3:37 PM, Martin O’Brien wrote:
While this is quite a find, you apparently have never looked at
the WDK, either the docs or the samples. Had you, you would know that the
docs contain information about DOCUMENTED routines that do the same things as
the NtRegXXX routines you mean – you’re crappy sample uses them,
actually, and they are the same ones that I mentioned earlier – and also
that many of the samples contain the same boilerplate code for query registry
values in DriverEntry().
I tried to help you and gave you the names of the same routines
that you ended up using (incorrectly) via some random block of code that you
downloaded, so I don’t want to hear it about how you’re
misunderstood or whatever, and regarding what you know, suffice to say that you
had to ask how to query registry values, so were I you, I go with the newbie
tag, as the alternative is worse.
mm
From:
xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On
Behalf Of mehdi yaghobi
Sent: Wednesday, February 16, 2011 1:58 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Getting Current Driver path
Never think that you know too much and asker is a newbie.
When I asked this question, I was able to do some googling and finding some
NtRegXXX for reading ImagePath, for a Win32 developer with 10 years of
experience it’s nothing, just I thought maybe there is some non-popular not
documented ready made API for it.
It’s not security nonsense, I know enough about security and windows
programming to not ask non-sense questions… Just I can’t explain why I need
it, you all will say Rootkit question, malware development, etc. So I don’t
bother explaining reason. If somebody knows a method, just share. Otherwise I
know NtReg stuff. Don’t judge so fast, don’t call everyone newbie, don’t call
yourself professional, that’s all
— On Wed, 16/2/11, xxxxx@fastmail.fm
wrote:
From: xxxxx@fastmail.fm
Subject: RE:[ntdev] Getting Current Driver path
To: “Windows System Software Devs Interest List”
Date: Wednesday, 16 February, 2011, 10:43
> Assume my Driver’s Key is SecCore, how can I read
it’s ImagePath from
Registry?
Auch… this is yet another “security” nonsense. Please read
again reply of Martin (mm) - the driver path does not mean much. Sysinternals
tools, for example, used to delete the service key of their kernel drivers
while the binary still in memory.
The normal documented way to get the path (whatever it is worth) is to use
services API or just read it from the driver’s service key. If there is no
ImagePath value, it is assumed to be
%systemroot%\system32\drivers<servicename>.sys.
Regards,
–pa
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
— NTDEV is sponsored by OSR For our schedule of WDF, WDM, debugging and other
seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List
Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
