flat assembler
Message board for the users of flat assembler.
Index
> Windows > What open handles your hello world has? |
Author |
|
vivik 29 Sep 2017, 12:44
Hello. Can you please open the hello world example from fasm in ollydbg v1.10, and copypaste all handles in this thread?
Go to view->handles, right click the table, select "Copy to clipboard->Whole table", and then copypaste it here Code: inside the [code] [/code] tags Here are mine, just checking if having all those BaseNamedObjects is normal. Also please say your windows version. Code: Handles Handle Type Refs Access T Info Name 00000024 ALPC Port 4. 001F0001 S 00000028 ALPC Port 4. 001F0001 S 00000054 Desktop 2280. 000F01FF W \Default 00000008 Directory 91. 00000003 Q \KnownDlls 0000000C Directory 55. 00000003 Q \KnownDlls32 00000018 Directory 55. 00000003 Q \KnownDlls32 00000078 Directory 2461. 0000000F Q \Sessions\1\BaseNamedObjects 00000020 Event 3. 001F0003 S 00000044 Event 2. 001F0003 S 0000004C Event 3. 001F0003 S 00000060 Event 2. 001F0003 S 00000064 Event 2. 001F0003 S 00000068 Event 2. 001F0003 S 0000006C Event 2. 001F0003 S 00000070 Event 2. 001F0003 S 00000074 Event 2. 001F0003 S 00000084 File (dev) 2. 00100003 S \FileSystem\Filters\FltMgrMsg 00000010 File (dir) 2. 00100020 S \Device\HarddiskVolume1\Windows 0000001C File (dir) 2. 00100020 S \Device\HarddiskVolume1\_codeblocks\hello-freestanding\bin\Release 00000004 Key 2. 00000009 Q \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options 00000014 Key 2. 00000009 Q \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options 0000002C Key 2. 00020019 R \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions 00000030 Key 2. 00000001 Q \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SESSION MANAGER 00000040 Key 2. 000F003F W \REGISTRY\MACHINE 0000003C Mutant 2. 001F0001 S 00000088 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\mchLLEW2$c30 0000008C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5f9e0 00000090 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\AutoUnhookMap$00000c30$73ec0000 00000094 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $71ac0000 0000009C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a7dffe 000000A0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $73e812c6 000000A4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $73e82384 000000A8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $76fef792 000000AC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75db3be3 000000B0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $76e69d0b 000000B4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75b77ba4 000000B8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75b7ea03 000000BC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75b7b986 000000C0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75b758b3 000000C4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75dccd11 000000C8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75db9ae4 000000CC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75e1dd76 000000D0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75e1de19 000000D4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75dc3baa 000000D8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75b75ea5 000000DC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75b7cc01 000000E0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ba4969 000000E4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75b7ba5f 000000E8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f202bf 000000EC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f2027b 000000F0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed835c 000000F4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed7603 000000F8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ecee09 000000FC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed6110 00000100 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ec8332 00000104 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed3baa 00000108 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed12a5 0000010C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed3c61 00000110 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ec8bff 00000114 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed612e 00000118 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ec9679 0000011C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed781f 00000120 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ec97d2 00000124 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f26cfc 00000128 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed76e0 0000012C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f26d5d 00000130 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed7668 00000134 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75eec112 00000138 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75eed0f5 0000013C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75eeff4a 00000140 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75eeec68 00000144 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed291f 00000148 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75eeeb96 0000014C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f288eb 00000150 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed2d64 00000154 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed3698 00000158 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75edc4b6 0000015C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f27dd7 00000160 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f09f1d 00000164 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ecefc9 00000168 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed6c30 0000016C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ec90d3 00000170 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75ed2da4 00000174 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $75f11497 00000178 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a60550 0000017C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a603d0 00000180 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a6079c 00000184 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5ff74 00000188 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a606f4 0000018C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a60874 00000190 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a607e4 00000194 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a60004 00000198 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a60084 0000019C Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a61cb4 000001A0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a61d8c 000001A4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5fcb0 000001A8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a60694 000001AC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a60df4 000001B0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a61be4 000001B4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5ffa4 000001B8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5fdc8 000001BC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a600b4 000001C0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5fd64 000001C4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5fec0 000001C8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a6088c 000001CC Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a60ed8 000001D0 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a5fb28 000001D4 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a608a4 000001D8 Section 3. 000F0007 W \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00000c30, API $77a603b8 00000034 Semaphore 2. 00100003 S Count 0. of 00000038 Semaphore 2. 00100003 S Count 0. of 00000050 WindowStation 91. 000F037F W \Sessions\1\Windows\WindowStations\WinSta0 00000058 WindowStation 91. 000F037F W \Sessions\1\Windows\WindowStations\WinSta0 |
|||
29 Sep 2017, 12:44 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.