Kernel Driver: Failed to register callbacks (status=C0000022)
I recently read the book "Windows Kernel Programming" by Pavel Yosifovich. In Chapter 9 - "Object and Registry Notifications" there is a project called "The Process Protector Driver", after I finish the book I try to create this project from 0 and add my upgrades. Every time I was trying to run my driver I got the same error:
Failed to register callbacks (status=C0000022)
I thought there is something wrong with my code so I decide to copy the code from the book and try it.. but I got the same error.
I load the Driver in VirtualBox Windows 10 32-bit like this (In CMD as Administrator):
sc create protect type= kernel binPath= C:\Users\Test\Desktop\ProcessProtectorDriver.sys
sc start protect
(left side is the DbgView tool from sysinternals)
After a few searches about this I think my Driver need to be signed, so I try to disable driver signature verification like this:
bcdedit /set testsigning on
About the project:
- I add the /INTEGRITYCHECK to Configuration Properties -> C/C++ -> Command Line (from the book)
- I try the Driver in Debug mode
but I got the same error..
The Process Protector Driver Project Code:
Driver: https://github.com/zodiacon/windowskernelprogrammingbook/tree/master/chapter09/ProcessProtect
Client: https://github.com/zodiacon/windowskernelprogrammingbook/tree/master/chapter09/Protect
my mistake was I put the /INTEGRITYCHECK in the
Configuration Properties -> C/C++ -> Command Line
instead of in the
Configuration Properties -> Linker -> Command Line
The problem solved.
- How memory address for pointer to arrays is same as an element in 2D array?
- Which is the best way to suppress "unused variable" warning
- How to use ellipsis in c's case statement?
- Fast & accurate atan/arctan approximation algorithm
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- Fast ceiling of an integer division in C / C++
- Is there an invalid pthread_t id?
- How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
- FDCAN problems on STM32G4
- How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
- Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
- Interacting with C arrays without knowing the size
- Combination of two strings
- Avoiding strcpy overflow destination warning
- carriage return by fgets
- How to use special characters in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- Is it correct to compare pointers in C?
- Force free() to return malloc memory back to OS
- How can I print to standard error in C with 'printf'?
- What is the standard behavior of fread in C on Windows?
- How is strtok removing lines it shouldn't have access to?
- Using array as smart point in C
- Assigning string to malloced 2d char array not working as intended
- How to refactor repetition inside a Makefile?
- Why does an empty preprocessor command still evaluate to something?
- How to implement variable sized array within C struct
- Character array typecasting to integer
- Handling HTTP Headers in a Minimal C HTTP Server
- How to get the sign, mantissa and exponent of a floating point number