I'd like to integrate PrcView's prcmondrv1041.sys process monitor driver into the XP setup files in order to be able to log all created processes and their command lines during the XP GUI Setup phase.
I've already created a .reg file with all the data neccessary:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\prcmondrv]
"DisplayName"="prcmondrv"
"ImagePath"=hex(2):5C,3F,3F,5C,43,3A,5C,57,49,4E,44,4F,57,53,5C,73,\
79,73,74,65,6D,33,32,5C,64,72,69,76,65,72,73,5C,\
70,72,63,6D,6F,6E,64,72,76,31,30,34,31,2E,73,79,\
73,00
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\prcmondrv\Enum]
"NextInstance"=dword:00000001
"Count"=dword:00000001
"0"="Root\\LEGACY_PRCMONDRV\\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\prcmondrv\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9C,00,00,00,14,00,00,00,\
30,00,00,00,02,00,1C,00,01,00,00,00,02,80,14,00,\
FF,01,0F,00,01,01,00,00,00,00,00,01,00,00,00,00,\
02,00,60,00,04,00,00,00,00,00,14,00,FD,01,02,00,\
01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,\
FF,01,0F,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8D,01,02,00,01,01,00,00,\
00,00,00,05,0B,00,00,00,00,00,18,00,FD,01,02,00,\
01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,\
01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\
00,00,00,05,12,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\prcmondrv\config2600]
"p2"=dword:00000044
"iData"=hex:06,00,00,00,2F,00,00,00,30,00,00,00,01,01,00,00,\
E4,00,00,00,35,00,00,00,77,00,00,00
"LogFile"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PRCMONDRV]
"NextInstance"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PRCMONDRV\0000]
"DeviceDesc"="prcmondrv"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"Class"="LegacyDriver"
"ConfigFlags"=dword:00000000
"Legacy"=dword:00000001
"Service"="prcmondrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PRCMONDRV\0000\Control]
"ActiveService"="prcmondrv"
"*NewlyCreated*"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\prcmondrv]
"DisplayName"="prcmondrv"
"ImagePath"=hex(2):5C,3F,3F,5C,43,3A,5C,57,49,4E,44,4F,57,53,5C,73,\
79,73,74,65,6D,33,32,5C,64,72,69,76,65,72,73,5C,\
70,72,63,6D,6F,6E,64,72,76,31,30,34,31,2E,73,79,\
73,00
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\prcmondrv\Enum]
"NextInstance"=dword:00000001
"Count"=dword:00000001
"0"="Root\\LEGACY_PRCMONDRV\\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\prcmondrv\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9C,00,00,00,14,00,00,00,\
30,00,00,00,02,00,1C,00,01,00,00,00,02,80,14,00,\
FF,01,0F,00,01,01,00,00,00,00,00,01,00,00,00,00,\
02,00,60,00,04,00,00,00,00,00,14,00,FD,01,02,00,\
01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,\
FF,01,0F,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8D,01,02,00,01,01,00,00,\
00,00,00,05,0B,00,00,00,00,00,18,00,FD,01,02,00,\
01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,\
01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\
00,00,00,05,12,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\prcmondrv\config2600]
"p2"=dword:00000044
"iData"=hex:06,00,00,00,2F,00,00,00,30,00,00,00,01,01,00,00,\
E4,00,00,00,35,00,00,00,77,00,00,00
"LogFile"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PRCMONDRV]
"NextInstance"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PRCMONDRV\0000]
"DeviceDesc"="prcmondrv"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"Class"="LegacyDriver"
"ConfigFlags"=dword:00000000
"Legacy"=dword:00000001
"Service"="prcmondrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PRCMONDRV\0000\Control]
"ActiveService"="prcmondrv"
"*NewlyCreated*"=dword:00000000
How can I integrate these entries into the XP setup files properly?
Thanks!
Attached Files
-
PrcViewDrv.reg 3.65KB
434 downloads
