Sign in

Microsoft.com

Microsoft

Remove From My Forums

Tracereg example in detours does not work in Win7.

Question
0

Sign in to vote
Not all cases of Kernel32!RegOpenKeyExw (or any other registry calls) are detoured as expected. It used to work fine in WinXP where the hook was on Advapi32!RegOpenKeyExw

I have screen shot of 1 working and non working stack from Procmon. My case was a 2 line vbs script as below..

Set WshShell = WScript.CreateObject("WScript.Shell")
WScript.Echo WshShell.RegRead("HKCR\._sln\v1")

Not working case:

Thanks Babraham
- Moved by Jamles Hez Tuesday, September 8, 2015 1:46 AM
Thursday, September 3, 2015 7:03 AM

Reply

|

Quote

Answers

0

Sign in to vote
Hello,

I'd ask in the Windows 7 IT Pro forums:

http://social.technet.microsoft.com/Forums/windowsserver/en-US/home?category=w7itpro

Karl
When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer.
My Blog: Unlock PowerShell
My Book: Windows PowerShell 2.0 Bible
My E-mail: -join('6D73646E5F6B61726C406F75746C6F6F6B2E636F6D'-split'(?<=\G.{2})'|%{if($_){[char][int]"0x$_"}})
- Proposed as answer by Dave PatrickMVP, Moderator Tuesday, September 8, 2015 2:35 PM
- Marked as answer by Dave PatrickMVP, Moderator Friday, September 11, 2015 12:48 AM
Tuesday, September 8, 2015 2:32 PM

Reply

|

Quote

Moderator

All replies

0

Sign in to vote

Hi Babraham,

The screen shot seems not work and I don't think the question related with MSBuild.

I will move your question to "Where is the forum for" forum to see where is the best place for your question.

Thanks for your understanding

--James
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.

Tuesday, September 8, 2015 1:45 AM

Reply

|

Quote
0

Sign in to vote
Hello,

I'd ask in the Windows 7 IT Pro forums:

http://social.technet.microsoft.com/Forums/windowsserver/en-US/home?category=w7itpro

Karl
When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer.
My Blog: Unlock PowerShell
My Book: Windows PowerShell 2.0 Bible
My E-mail: -join('6D73646E5F6B61726C406F75746C6F6F6B2E636F6D'-split'(?<=\G.{2})'|%{if($_){[char][int]"0x$_"}})
- Proposed as answer by Dave PatrickMVP, Moderator Tuesday, September 8, 2015 2:35 PM
- Marked as answer by Dave PatrickMVP, Moderator Friday, September 11, 2015 12:48 AM
Tuesday, September 8, 2015 2:32 PM

Reply

|

Quote

Moderator