Forum for discussion about kernel-mode development.
#15543 by accessdenied
Thu Sep 06, 2012 2:46 pm
Hello! I am always learning many things in this forum.
Today I need some advice about how to force-delete files like IceSword's FORCEDELETE feature.
I tried to trace it, and after that I got some results.

1. There should be a cleanup IRP in NTFS.
2. At that time the DeletePending flag of the file object (for the target file) is always set.
3. But I could not see any create IRPs in NTFS's create dispatch routine for the target file.

So I'm curious how IceSword could get the file object that should be deleted, and how it does so.
I believe that there are many experts on this topic here!
Please help me. Thanks in advance!