Too early injection issue #122
Description
prior to windows server 2019,after R77 installed,the console application with no user32.dll import such as net.exe and others still occasionally fail to run with access denied or other error.I guess the reason is the injected code start running before the console application even initialized.it does not happen all the time but it does happen. The GUI application does not have this issue.I would screenshot it when encounter next time.
If that is the reason,not sure how to check the remote process is fully initialized
using NtQuerySystemInformation to pool process information is 30% faster than using EnumProcess
bandicam.2025-02-26.00-06-20-305.mp4
The Eslapse Time Is every pool(ntquerysysteminformation at first time or EnumProcess at second) taking time,the comparsion won't really take much of time,but the API call does 95% of the time. This pool can take up a lot of CPU time in some VM with very few cords