- Troubles with intercepting "application name" parameter of CreateProcessWithLogonW function.
- Posted by Ilya Rabinovich on August 19th, 2006
Hi everybody!
I need intercept application's name parameter with
CreateProcessWithLogonW function at driver level into WinXP. It uses
LPC for transferring information ZwRequestWaitReplyPort
(ZwReplyWaitReceivePortEx at server's (svchost) side), but I don't see
"application name" parameter within all the packets transferred. Where
is it and how I could intercept it at driver level? I'm in trouble...
Similar Posts
- "Intercepting" picture sent to wireless projector, with Palm handheld? (Handhelds & Wireless) by tommy
- How to give "users" access right to clear the "Application" log (Security & Administration) by Kan
- msiexec.exe Application Error "The instruction at "0x00f33fe8" referenced memory at "0x00f33fe8". The memory could not be "written"." (Home and office) by Edward Ray
- Varies problems...(eg :" the mouse lost it's "right-click" function") (Computers & Technology) by Black Tractor
- [Q] Static parameter or "hidden registry parameter" for Ndis D/D. (Drivers) by Daum
