Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Suspending a riot process..how?
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #14  
Old 02-22-2005, 18:47
LaDidi LaDidi is offline
VIP
  
Join Date: Aug 2004
Posts: 222
Rept. Given: 2
Rept. Rcvd 11 Times in 10 Posts
Thanks Given: 64
Thanks Rcvd at 54 Times in 29 Posts
LaDidi Reputation: 11
An other idea.
Thanks MARKuS to explain better my idea :-)
In fact, RegBackup launch the service RegManServ which launch another instance of RegBackup in a SYSTEM context !
Have you tried to launch via SYSTEM context (ie: AT HH:MM myProg.exe).
You have RegManServ.Log which may help you...
Effectively, it execs :
"C:\app_test\Advanced Registry Doctor\RegBackup.exe" /INIT_DIR="c:\RegBackup\" /local_system

***** A part of the answer *****
As it Executes GlobalAddAtomA("RegManServRegBackup.exe") [see HW_BP in 00411986 or BP on ntdll.ZwAddAtom], it uses DDE !...
Reply With Quote
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How RIOT Games employs anti cheat measures foosaa General Discussion 0 07-18-2018 09:45
Suspending Kernel Mode Threads... omidgl General Discussion 10 01-17-2005 17:56


All times are GMT +8. The time now is 00:12.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )