In Windows 7, a process started with CreateProcessAsUser by a windows service with a local system account crashes, but the same process started manually runs fine. The CreateProcessAsUser functionality is in a separate COM component [64 bit C++ dll], and the windows service [dot net 4.6.1] has platform target [Any CPU]. The process does not write anything to the event log either, suggesting that no code is executed, and it crashes immediately. This code works perfectly in windows 10.
I tried to attach to the process but it ends too soon to do anything. I do get a message "Module not found" , suggesting that it doesnt find a library. But I cant figure out which one. I gave it all the libraries it needs, which can be seen by the fact that the program runs ok when started manually from the same folder. I also tried to specify the startup folder in the function CreateProcessAsUser, but there was no difference, but I think it starts in the correct folder by default [where it is located] I found the following link on SO Why is this process crashing as soon as it is launched? But it did not help either. ProcMon does not show where a module was not found [It says PATH NOT FOUND if I remove a known module]
The process exit status is -1066598274 and the stack trace is 0 ntoskrnl.exe RtlNtStatusToDosError + 0x1086 0xfffff8000712f206 C:\Windows\system32\ntoskrnl.exe 1 ntoskrnl.exe RtlCopySidAndAttributesArray + 0x1789 0xfffff8000714b0d9 C:\Windows\system32\ntoskrnl.exe 2 ntoskrnl.exe RtlNtStatusToDosError + 0x1538 0xfffff8000712f6b8 C:\Windows\system32\ntoskrnl.exe 3 ntoskrnl.exe KeSynchronizeExecution + 0x3a23 0xfffff80006e75e53 C:\Windows\system32\ntoskrnl.exe
The event viewer shows the following information Faulting application name: BizBrainAgentPluginHost.exe, version: 1.0.0.0, time stamp: 0x5b88084d Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b Exception code: 0xc06d007e Fault offset: 0x0000000000009e5d Faulting process id: 0x484 Faulting application start time: 0x01d440746491e037 Faulting application path: C:\Program Files\Avinashi Ventures Pvt Ltd\myTallyApp Agent\BizBrainAgentPluginHost.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: a2f39c97-ac67-11e8-94f1-0023ae9747d0
Thanks
