brad-sp
commented
9 years ago This is probably still related to the log flushing issue -- we still can't flush logs as often as we'd like.
Open MerX1030 opened 9 years ago
brad-sp
commented
9 years ago This is probably still related to the log flushing issue -- we still can't flush logs as often as we'd like.
Seems like there's a problem with NtDelayExecution hook in Windows XP. It stops logging at the point where it should've logged NtDelayExecution. It logs fine in Windows 7 though but seems to cut short the logging.
This sample worked fine in previous versions (logged NtDelayExecution as well as the network APIs that followed) as compared to current version. Test sample used: SHA1 0a550e79afeba34615b0ec2bc6b761beff9d6ead