Hi, kernelmode.
The problem is: i gotta xpsp3-32 and 7sp1-32; Need to block all unsigned drivers when they try to load; That's what i've done for that:
1) xpsp3-32:
Set key HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\Driver Signing\BehaviorOnFailedVerify to 2 (Block); Tried to set 1(Warn);
Set "Block unsigned drivers" in UI (noticed that it doesn't effect to registry key mentioned before);
2) 7sp1-32:
bcdedit -set TESTSIGNING ON
bcdedit reported that operation completed successfully;
But i still can load unsigned driver (assembled through VisualDDK - simple bsod-gen in 2 lines - a very vivid result). If it matters i load drivers through kmdmanager.
1)So, as i suspect there can be other registry vars that really control driver signing. Perhaps i've modified a wrong one.
2)I have no gpedit on 7sp1-32, cause it's HB edittion. I've failed to find any useful vars in registry.
The problem is: i gotta xpsp3-32 and 7sp1-32; Need to block all unsigned drivers when they try to load; That's what i've done for that:
1) xpsp3-32:
Set key HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\Driver Signing\BehaviorOnFailedVerify to 2 (Block); Tried to set 1(Warn);
Set "Block unsigned drivers" in UI (noticed that it doesn't effect to registry key mentioned before);
2) 7sp1-32:
bcdedit -set TESTSIGNING ON
bcdedit reported that operation completed successfully;
But i still can load unsigned driver (assembled through VisualDDK - simple bsod-gen in 2 lines - a very vivid result). If it matters i load drivers through kmdmanager.
1)So, as i suspect there can be other registry vars that really control driver signing. Perhaps i've modified a wrong one.
2)I have no gpedit on 7sp1-32, cause it's HB edittion. I've failed to find any useful vars in registry.
