A forum for reverse engineering, OS internals and malware analysis 

Search found 2 matches

Re: Windows Defender DB dump and VDLL's

 by Codefuser ¦  Tue Apr 16, 2019 12:37 pm ¦  Forum: Reverse Engineering and Debugging ¦  Topic: Windows Defender DB dump and VDLL's ¦  Replies: 5 ¦  Views: 909

Small change of code to support Windows 10 Version 1803 Build 17134.706, with VFS file being from 11 April. Change from

    if (Entry->Reserved0 != 0x20)

to

    if (Entry->Reserved0 != 0x20 && Entry->Reserved0 != 0x21)

It might also be worth it to remove the check altogether because exception handler will h...

Most likely calling convention issues; you don't seem to be using C, so whatever language that is might be using the wrong calling convention.

Use C instead and use __stdcall.