25 Feb
2006
25 Feb
'06
5:27 p.m.
Can anybody help me to code a little driver for a virtual hard disk drive for examination of undocumented NTFS filesystem stuctures i.e. the $LOGFILE (journaling of NTFS)? The data should be written to e.g. C:\image.bin, filesize e.g. 50MB which will correspond to a drive e.g. Z:, drive size 50MB. After every write the driver should be paused to examine the C:\image.bin to get the undocumented structure of the file $LOGFILE?
Can anybody help me? I'm a little confused by the windows DDK documentation and tutorials found on the internet. I've already downloaded the windows DDK.
Please CC me and excuse me for crossposting. Regards,
Gerold