where does TDIMon Resides

Discussion in 'Windows Vista Drivers' started by Sandra, Jan 19, 2005.

  1. Sandra

    Sandra Guest

    I have installed TDIMon on my local pc where I have installed my TDIFilter
    .....now I'm viewing and comparing the logs that TDIMon displays and the logs
    that windbg displays (installed on my remote PC monitoring my local machines
    kernel driver activities)... here are my questions:

    1. TDIFilter resides right bellow AFD.sys and right above TCp.sys, correct?

    2. If above is true, then WinDbg displays calls that are coming in from
    AFD.sys (TDIClient) going to the TCP.Sys (Trnasport Driver), correct?

    3. If so, then where does TDIMOn Resides??? is it between the TDIFilter and
    TCP.sys (TD)? Or is it between AFD.sys (TDI Client) and TDIFilter???

    I'm just trying to figure out that who is giving what message....

    4. Just out of curiosity, what is "System:8" that is running in background
    (shows on TDIMon)?

    Thank you for your feedback
     
    Sandra, Jan 19, 2005
    #1
    1. Advertisements

  2. 1. TDIFilter resides right bellow AFD.sys and right above TCp.sys, correct?

    Yes.
     
    Maxim S. Shatskih, Jan 21, 2005
    #2
    1. Advertisements

  3. Don't forget that you have tdi.sys between afd.sys and tcpip.sys , you can
    check with BindView
    ( project in DDK samples ) where two added by you drivers layered.
    System:8 mean that it on system context with code selector in GDT equal to
    code32 ( 8 )
    Arkady
     
    Arkady Frenkel, Jan 22, 2005
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.