Skip to content
wj32
information when you need it
  • Home
  • About
  • Software
    • Process Hacker
    • WJ’s Backup
    • Empty Standby List
    • Other utilities
  • Mathematics

Category: Programming

Programming

The NT "reserve object"

Posted on July 18, 2010 by wj32 / 1 Comment

Windows 7 introduced two new object types: UserApcReserve and IoCompletionReserve. What do these object types have in common? They’re both created using N...

Hardware/Programming/Windows

PAE patch updated for Windows 7

Posted on May 4, 2010 by wj32 / 98 Comments

Note: An updated version for Windows 7 SP1 is available. This patch allows you to use more than 3/4GB of RAM on an x86 Windows system. Works on Vista and 7, has...

Programming/Windows

HOWTO: Use I_QueryTagInformation

Posted on March 30, 2010 by wj32 / 4 Comments

Process Explorer 12 includes a new feature whereby you can view service names associated with threads. To find out how this works, read this article by Alex Ion...

Programming/Windows

Get the image file name of any process from any user on Vista and above

Posted on March 30, 2010 by wj32 / 5 Comments

On Vista and above there is an information class for NtQuerySystemInformation which I call SystemProcessImageNameInformation (88). (Note that I reverse-engineer...

Programming

Fast reader-writer lock in C

Posted on January 23, 2010 by wj32 / 3 Comments

I ported my fast reader-writer lock from C# to C for Process Hacker 2. Here it is. #include <windows.h> #include <intrin.h> // Put this in a header ...

Programming

12 ways to terminate a process

Posted on May 10, 2009 by wj32 / 6 Comments

TerminateProcess or NtTerminateProcess Everyone knows about TerminateProcess. You simply open a handle to the target process and call TerminateProcess. In case ...

Programming/Windows

NtQuerySystemInformation: a simple way to bypass rootkits which hide processes by hooking

Posted on April 25, 2009 by wj32 / 2 Comments

You’ve probably seen code like this: NTSTATUS MyRootkitNtQuerySystemInformation( ULONG SystemInformationClass, PVOID SystemInformation, ULONG SystemInform...

Programming/Windows

HOWTO: Implement your own NtOpenProcess in kernel-mode

Posted on February 19, 2009 by wj32 / 2 Comments

Writing a system utility but annoyed by the fact that you can’t open the processes of security software and rootkits, instead receiving “Access Deni...

Programming/Windows

HOWTO: Get the command line of a process

Posted on January 24, 2009 by wj32 / 25 Comments

How would you get the command line of a process? Some people have suggested that you use remote thread injection, call GetCommandLine(), then IPC the result bac...

Programming

Process Hacker

Posted on October 18, 2008 by wj32 / 0 Comment

<advertisment> I’ve been working a C# program for the past 2 weeks… Process Hacker is a process viewer/manager with special features, includin...

Posts navigation

« Previous 1 2

Recent Posts

  • PAE patch updated for Windows 10
  • F# code: memoize a recursive function
  • Horn’s inequality for singular values via exterior algebra
  • New web host
  • PAE patch updated for Windows 8.1

Recent Comments

  • Прибираємо обмеження в 4 Гб пам’яті на 32 бітних Windows 8 / 8.1 - Windows для системних адміністраторів on PAE patch updated for Windows 8.1
  • Yong Zhi Yang on PAE patch updated for Windows 10
  • Yong Zhi Yang on PAE patch updated for Windows 10
  • Enn on PAE patch updated for Windows 10
  • Ped on PAE patch updated for Windows 10

Archives

  • February 2016
  • January 2016
  • December 2015
  • September 2014
  • October 2013
  • June 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • April 2012
  • December 2011
  • October 2011
  • February 2011
  • July 2010
  • May 2010
  • March 2010
  • January 2010
  • May 2009
  • April 2009
  • February 2009
  • January 2009
  • October 2008

Categories

  • F#
  • Hardware
  • Mathematics
  • Programming
  • Website
  • Windows

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
© 2021 wj32
Powered by WordPress | Theme: Graphy by Themegraphy