I am new to Driver writing, I downloaded and built the Delete sample driver provided by Microsoft, I installed it on my VM successfully using the INF file, but when I started the service, it doesn’t show up in the DebugView application like other drivers I tested previously. Does anyone have any insight on this? Please help me out.
Note that in this sample only errors are logged by default:
ULONG gTraceFlags = DFDBG_TRACE_ERRORS;
#define DF_PRINT( ... ) \
DbgPrintEx( DPFLTR_FLTMGR_ID, DPFLTR_ERROR_LEVEL, __VA_ARGS__ )
#define DF_DBG_PRINT( _dbgLevel, ... ) \
(FlagOn( gTraceFlags, (_dbgLevel) ) ? \
DF_PRINT( __VA_ARGS__ ): \
(0))
You can add the DFDBG_TRACE_ROUTINES and DFDBG_TRACE_OPERATION_STATUS flags to see more logs
1 Like