windows RRS feed

  • Question

  • when kernelOS doing  bellow instruction what will be shown?

    for example  "Writes to foreign memory regions" use  kernel "write  memory syscall" or   "Checks for kernel debuggers (system query)" use boot.ini for active kernel mode

    1-Changes memory attributes in foreign processes to executable or writable

    2-Injects a PE file into a foreign processes

    3-allocates memory in foreign process

    4-Contains long sleeps

    5-Checks for kernel debuggers (system query)

    6-create driver

    • Moved by Bob Wu-MT Tuesday, May 15, 2012 1:20 AM (From:Windows Forms General)
    Sunday, May 13, 2012 7:23 AM


All replies

  • Hi reihaneh_af,
    Welcome to the MSDN Forum.
    This forum discusses technology related to WinForm. If you have any question about the Windows Operation System, please create a new thread in the Windows Answers Forum.
    Thank you for your understanding.
    Best Regards,

    Bob Wu [MSFT]
    MSDN Community Support | Feedback to us

    Tuesday, May 15, 2012 1:20 AM
  • Ask your question in the Windows Academic Kernel Forum at the following address



    Luigi Bruno - Microsoft Community Contributor 2011 Award

    • Proposed as answer by Bob Wu-MT Tuesday, May 15, 2012 7:25 AM
    • Marked as answer by Mr. Wharty Thursday, May 31, 2012 5:17 AM
    Tuesday, May 15, 2012 7:22 AM