Follow

WriteFile() fails to write files to c:\windows\system32

PROBLEM:

You have an agent procedure that tries to write a file to c:\windows\system32

The procedure executes without failure, but the file does not appear to be written to the specified directory

 

 

CAUSE:

The agent service - Agentmon.exe, is a 32bit application.

32bit applications are not able to access the 64bit file system on 64bit machines.

When a 32bit process tries to write to a 64bit directory, registry key or other 64bit only part of the OS, Windows will intercept this and redirect the process to the 32bit location silently.

 

In this case, Windows will intercept the call to the 64bit c:\windows\system32 directory, and in fact save the file in the 32bit folder - c:\windows\syswow64

 

 

WORKAROUND / SOLUTION:

Add a step to your procedure to ExecuteShellCommand() and either copy, or move the file from the syswow64 folder to the system32 folder.

Make sure that you run this in a 64bit shell as system

copy1.png

ADDITIONAL INFORMATION:

http://www.samlogic.net/articles/32-64-bit-windows-folder-x86-syswow64.htm

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.