Question about WinObjEx output

Ask your beginner questions here.
Post Reply
gandolf
Posts: 4
Joined: Fri Nov 08, 2013 2:55 pm

Wed Feb 20, 2019 3:20 pm

Hello

what does the output "Hooked by Wdf01000" mean when looking at the Major Functions in a driver in WinObjEx? I know that if it is "nt!IopInvalidDeviceRequest" the I/O request function isnt implemented, but what does the former mean? I assume the same thing as WDF is just the Windows Driver Framework Driver.
User avatar
EP_X0FF
Global Moderator
Posts: 4886
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Sat Feb 23, 2019 2:02 am

It mean what written. IRP handler of object located in one module is set to handler in the other module.
Ring0 - the source of inspiration
Post Reply