Because of HOOKED function
-
quarta-feira, 15 de agosto de 2012 05:01
Hello.
I have a problem during developing.
When calling OpenProcess function , it returns FALSE.
It is becase target program hooked some function such as Ntopenprocess.
If I unhook it, the program detect it and exit...
So I read some document about it and they said that i must develop driver to solve the problem.
I have no experience of driver and no time to study,,,
If someone knows the method that can solve my trouble in user mode, help me!
Thanks :->
Todas as Respostas
-
quarta-feira, 15 de agosto de 2012 05:55
Check if LoadLibrary and GetProcAddress are not hooked and allow you to determine and call the real OpenProcess function.
-
quarta-feira, 15 de agosto de 2012 07:28
Thanks for reply.
And i don't know exactly what you said.
Please correct its meaning. :->
-
terça-feira, 21 de agosto de 2012 10:16Moderador
Hello,
I'm very interested in hearing more about your issue, did you solve your problem?
If so, would you mind sharing the solution with us, it will be very great and helpful for other members of community who stuck in similar case.
Have a nice day!
Regrads,
Elegentin Xie [MSFT]
MSDN Community Support | Feedback to us
