regards to all
I would like to know how to check if a driver is loaded currently from user mode, for not to make the registration process multiple times,
in others words an alternative to SCManager functions because I’m loading the driver via ZwLoadDriver function.
could anyone help me, thanks a lot.
It is unclear what you want to know. On the one hand, you say “if the
driver is loaded” and on the other hand to talk about the “registration
process”.
A driver can be registered but not loaded. If it is already registered,
re-registering it doesn’t change anything (typically, unless you go out of
your way to do something odd). And to see if it is registered, all you
have to do is look at the keys.
Loaded implies that the driver is in memory and running. And that could
be determined, if it has a user-visible name, simply by trying a
CreateFile on the device. If you get Access Denied, then it is loaded but
might be in use and has an exclusive handle. If it opens, it is loaded,
and doesn’t have an exclusive handle or no one else is using it. If you
get “File not found”, it isn’t loaded, although it might be installed.
So what are you actually looking for?
joe
regards to all
I would like to know how to check if a driver is loaded currently from
user mode, for not to make the registration process multiple times,
in others words an alternative to SCManager functions because I’m loading
the driver via ZwLoadDriver function.could anyone help me, thanks a lot.
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
On 01-Jul-2012 10:42, xxxxx@hotmail.com wrote:
regards to all
I would like to know how to check if a driver is loaded currently from user mode, for not to make the registration process multiple times,
in others words an alternative to SCManager functions because I’m loading the driver via ZwLoadDriver function.could anyone help me, thanks a lot.
Check this:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682619(v=vs.85).aspx
and this:
http://technet.microsoft.com/en-us/library/bb490896
Good luck,
– pa
>ZwLoadDriver function.
In user mode? what is the need? it is just plain and simple the same as SC’s call.
More so: drivers loaded in kmode using this call will show as Running in SC’s service list.
To answer your original question: some functions like PSAPI’s ones or ZwQuerySystemInformation can give you the list of loaded drivers.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
A breathalyzer is recommended. In some states, a blood alcohol content of
0.10 is considered too drunk to drive, while in other states, values as
low as 0.06 are considered to be impaired.
Informal field sobriety tests may also be conducted. The ability to
enumerate all the devices is a common test. A driver that is too loaded
may also stagger about and slur words, doublewords, and quadwords. Some
drivers are unable to maintain any form of alignment.
The blood alcohol level of the coder of the driver is not considered.
(Sorry, I couldn’t resist!)
joe
>ZwLoadDriver function.
In user mode? what is the need? it is just plain and simple the same as
SC’s call.More so: drivers loaded in kmode using this call will show as Running in
SC’s service list.To answer your original question: some functions like PSAPI’s ones or
ZwQuerySystemInformation can give you the list of loaded drivers.–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
oh yeah, thanks all, I mean know if a driver is loaded into the system (leave the registration process)
@Maxim S. Shatskih:
sorry, I meant NtLoadDriver function
@Joseph M. Newcomer:
dude, how I can use CreateFile to check if the driver is loaded?
@Pavel A:
thanks for yo reply, dude
> oh yeah, thanks all, I mean know if a driver is loaded into the system
(leave the registration process)
@Maxim S. Shatskih:
sorry, I meant NtLoadDriver function@Joseph M. Newcomer:
dude, how I can use CreateFile to check if the driver is loaded?
***
As I said, if it is a driver that presents an interface to an application
(as opposed to a filter driver or low-level driver not directly
accessible) then CreateFile will tell you if it is loaded. Note that I
did add the qualification that it had to present an application-visible
interface.
Not just installed; loaded and running.
***
@Pavel A:
thanks for yo reply, dude
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer