Trying to get my head around x86 before I take the dive into x64, so I picked up an old Windows 7 x86 ISO from softlay.com to use in vbox. Spent most of the day writing this module and naturally placed quite a few calls to KdPrint to see if everything would go as expected.
Anyways, I downloaded Sysinternals and couldn't even debug the kernel when running as administrator. Hmm, local debugging must be turned off, so I go and switch it on and reboot. Now the VM won't get past the Windows loading screen.
So I rinse and repeat. Same thing. Now I'm suspicious, so I decided to inspect the contents of the ISO... before I could get very far, Windows Defender went batshit crazy.
I'm guessing this ISO has been tampered with and comes with a free rootkit given that it bricked the VM instance when I tried to enable kernel debugging. The system actually wasn't repairable, both times I had to start from scratch.
Just thought I'd share because it was interesting to me. If anyone has any ideas how I could test my kernel modules in x86 environments that would be great, I'd rather not download malware, even if it is running in a VM lol.
Posted 2 years ago to r/hacking (reddit.com/r/hacking/com...)