A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
 #32603  by gandolf
 Wed Feb 20, 2019 3:20 pm

what does the output "Hooked by Wdf01000" mean when looking at the Major Functions in a driver in WinObjEx? I know that if it is "nt!IopInvalidDeviceRequest" the I/O request function isnt implemented, but what does the former mean? I assume the same thing as WDF is just the Windows Driver Framework Driver.
 #32613  by EP_X0FF
 Sat Feb 23, 2019 2:02 am
It mean what written. IRP handler of object located in one module is set to handler in the other module.