Questions tagged [ntdll]

NtDll.dll is the Windows system DLL exposing the Native API to user mode.

155 questions
0 votes
2 answers

GetProcAddress vs __declspec( dllimport )

What's the difference between the two? i.e. for finding functions such as Nt___ or Zw___
user10214010
0 votes
0 answers

Is it possible to open a handle to the Windows Defender (MsMpEng.exe) process with PROCESS_ALL_ACCESS or PROCESS_TERMINATE rights?

I have followed Microsoft's on How to obtain a handle to any process with SeDebugPrivilege to gain the SE_DEBUG privilege in my process token. However, when trying to open a handle to MsMpEng.exe with full rights, I receive an error code of c0000022…
0xadam
0 votes
1 answer

C++ Error when changing the cursor from a resource file

I'm trying to change the cursor of my mouse with a .cur file in a resource file. When I try my code, I get this error: Exception raised at 0x77EB7392 (ntdll.dll) in CleanResourceFiles.exe: 0xC0000005: Access Violation while reading location…
Lotcelan
0 votes
1 answer

How to use NtOpenProcess

I am trying to use NtOpenProcess(). I have not found any example in town. I am getting an error; any help is much appreciated. int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE prevInstance, PSTR szCmdLine, int showCmd) { HANDLE handle; HWND…
arc
0 votes
2 answers

UWP Unhandled Exception when writing to serial

I'm having an issue with writing to a serial device in UWP. My task for writing to the port looks like this: public async Task WriteAsync(byte[] stream) { if (stream.Length > 0 && serialDevice != null) { await…
0 votes
1 answer

Is there a way other than "hooking" which can be used to monitor Native/SSDT API calls on a Windows system?

I was told by someone with a lot of experience that there is at least one alternate way to monitor Windows OS calls, in the context of for example, creating Process Monitor-like functionality or developing an anti-virus scanner, which is not…
the_endian
0 votes
1 answer

Enumeration handle names issue

I found a way to enumerate other programs' handles, but I have a problem now. I can not see Process type threads. I need to check which programs open handles for my process. When I check the output, it is "unnamed", I don't know how to fix it. Should…
ismet JM
0 votes
1 answer

workaround bug of LoadLibraryEx(..., LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR) loading wrong dll

The situation is as follows. These dlls are loaded in a process: c:\abc\foo.dll c:\abc\bar.dll c:\zxc\foo.dll And the process is located in c:\abc\. I'm loading c:\zxc\bar.dll. It implicitly links to foo.dll. And it should link to c:\zxc\foo.dll,…
0 votes
1 answer

calling native(Nt) API in user mode

I am trying to call a native API (NtOpenKey) in user mode. I am seeing a linker problem. I am really confused about what is missing here. How can I achieve this? I am attaching my code here. ntdll.lib is added to the project (link). Error 58 error…
sreeR
0 votes
0 answers

ntdll.dll allocation error in visual studio 2010

I have a properly running application developed in Visual Studio 2010 using several C++ libraries. I copied the necessary files onto my laptop to work on it on my own time and set up the environment required (VS2010, ITK, VTK, Boost, Qt, FANN,…
0 votes
1 answer

MySQL Workbench 6.3.7 crashes on query with Windows 10 Home

I have this recurring issue of MySQL Workbench (v6.3.7) query crashing on execution. The OS is Windows 10 Home, and the application event log shows the following message pointing to faulting module as C:\WINDOWS\SYSTEM32\ntdll.dll: Faulting…
luhfluh
0 votes
1 answer

NtQueryInformationFile returns incorrect allocation size

I use NtQueryInformationFile with the FILE_STANDARD_INFORMATION struct to retrieve the allocation size of a file. But for small files it returns an incorrect result. For example, a text file with a size of 1 byte returns an 8-byte allocation size, instead of 4096 bytes.…
user2120666
0 votes
1 answer

STATUS_ACCESS_DENIED on a call to NtQueryMutant

Disclaimer: The only reason for the question and the code below to exist is an external component used in my application, which cannot be replaced, at least in the near future. This component's logic intercepts WinAPI calls from the application and…
galenus
0 votes
1 answer

Python program crashes because of ntdll.dll and QtGui4.dll

I have designed a Python software to collect data from my microcontroller and make live plots: I have twelve matplotlib animations in my GUI (the GUI is designed with PyQt). Each matplotlib animation is connected to one TCP thread, receiving…
K.Mulier
0 votes
0 answers

registry entry access from native ntdll

Is there a document which lets me know which HKLM registry hives are accessible from a native C++ program? I am writing a C program which will run using BootExecute and will read / write reg entries. I could do it successfully under…
rocky