32 bit not working

[arsium]

Hello,

I tried the dll with x64 executables and it works fine. However, it does not work with x86 (wow64) executables. Any idea ?

Here is my code :

            if (IntPtr.Size == 4)
            {
                //C:\Windows\SysWOW64
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\SysWOW64\\ntdll.dll");
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\SysWOW64\\kernel32.dll");
            }
            else 
            {
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\System32\\ntdll.dll");
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\System32\\kernel32.dll");
            }

Error is : 'Failed to open file, ObjectNameInvalid'
It occurs with : '>DInvoke.DynamicInvoke.Native.NtOpenFile(ref System.IntPtr FileHandle, DInvoke.Data.Win32.Kernel32.FileAccessFlags DesiredAccess, ref DInvoke.Data.Native.OBJECT_ATTRIBUTES ObjAttr, ref DInvoke.Data.Native.IO_STATUS_BLOCK IoStatusBlock, DInvoke.Data.Win32.Kernel32.FileShareFlags ShareAccess, DInvoke.Data.Win32.Kernel32.FileOpenFlags OpenOptions) '

[arsium]

Note :

            if (IntPtr.Size == 4)
            {
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\SysWOW64\\kernel32.dll", "C:\\Windows\\SysWOW64\\kernel32.dll");//does not work
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\SysWOW64\\ntdll.dll", "C:\\Windows\\SysWOW64\\ntdll.dll");//works
            }
            else 
            {
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\System32\\ntdll.dll");
                DInvoke.ManualMap.Overload.OverloadModule("C:\\Windows\\System32\\kernel32.dll");
            }

The code above works partially for 32 bit except with kernel32. I got : Failed to change memory protection, NotCommitted