win10+vs2015 Configuring drive Note points

Test source

#include <ntddk.h>   VOID DriverUnload(PDRIVER_OBJECT objDriver){    // 避免编译器关于未引用参数的警告      UNREFERENCED_PARAMETER(objDriver);    // 什么也不做，只打印一行字符串      KdPrint(("My Dirver is Ending..."));}NTSTATUS DriverEntry(PDRIVER_OBJECT objDriver, PUNICODE_STRING strRegPath){    // 避免编译器关于未引用参数的警告      UNREFERENCED_PARAMETER(strRegPath);    // 打印一行字符串，并注册驱动卸载函数，以便于驱动卸载      KdPrint(("My  Dirver Is Starting!\r\n"));    objDriver->DriverUnload = DriverUnload;    return STATUS_SUCCESS;}

Configure the correct version (note 14 If other errors will occur)

If it's 15, it's wrong.


Also be aware that the type is desktop or service to the Windows platform (here Win7)


configured to generate. sys files

Want to WinDbg see the input string to do some setup
Create a new TXT file save the following copy as a. reg file double-click Run and restart your computer

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter]"DEFAULT"=dword:0000000f

SYS cannot double-click Run to use program startup can write yourself or download online
The effect is as follows

Can see the source code (debug)
But first, the next breakpoint.

NTSTATUS DriverEntry(PDRIVER_OBJECT objDriver, PUNICODE_STRING strRegPath){    // 避免编译器关于未引用参数的警告      UNREFERENCED_PARAMETER(strRegPath);    _asm int 3;    // 打印一行字符串，并注册驱动卸载函数，以便于驱动卸载      KdPrint(("My  Dirver Is Starting!\r\n"));    objDriver->DriverUnload = DriverUnload;    return STATUS_SUCCESS;}

Run


Reference:
Http://www.mycode.net.cn/language/cpp/1771.html

win10+vs2015 Configuring drive Note points