Skip to content

Type__HOOKED_DRIVER_UMINFO

Jump to bottom Edit New page
Martin Drab edited this page Mar 20, 2020 · 3 revisions

_HOOKED_DRIVER_UMINFO struct

Summary

Contains information about one driver hooked by the IRPMon driver.

Definition

typedef struct _HOOKED_DRIVER_UMINFO {
    PVOID ObjectId;
    PVOID DriverObject;
    PWCHAR DriverName;
    ULONG DriverNameLen;
    BOOLEAN MonitoringEnabled;
    BOOLEAN DeviceExtensionHooks;
    ULONG NumberOfHookedDevices;
    PHOOKED_DEVICE_UMINFO HookedDevices;
} HOOKED_DRIVER_UMINFO, *PHOOKED_DRIVER_UMINFO;

Members

ObjectId

ID of the object, used within the IRPMon driver.

DriverObject

Address of driver's DRIVER_OBJECT structure.

DriverName

Name of the driver. Cannot be NULL.

DriverNameLen

Length of the driver name, in bytes. The value does not include the terminating null-character.

MonitoringEnabled

Indicates whether the IRPMon driver monitors events related to the target driver. If set to TRUE, the information about the events is stored in the IRPMon Event Queue.

DeviceExtensionHooks

If set to TRUE, device extension-based hooks are used instead of IRP ones. */

NumberOfHookedDevices

Number of devices, monitored by the IRPMon driver (not including the new ones).

HookedDevices

An array of @link(HOOKED_DEVICE_UMINFO) structures, each representing one monitored device.

See also

Requirements
Header general-types.h
Add a custom footer

General

For Users-Developers

Tutorial

Public API

Functions

Types

Clone this wiki locally