Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Where can I get the current tick count in a 64-bit windows dump?

Tags:

windows

kernel

dump

There's one symbol named KeTickCount which works in 32-bit, but when I applied that in my 64-bit dump (Windows 2008), it doesn't work anymore. Did windows change the value?

The only approach I can do is that use ".time" to get the current uptime and multiply it with ticksPerSecond, which is troublesome and inaccurate.

like image 815
liujinmarshall Avatar asked Nov 04 '22 06:11

liujinmarshall

1 Answers

Run !kuser to get at that in windbg.

like image 113
Neeraj Singh Avatar answered Nov 15 '22 06:11

Neeraj Singh
Sign in to Comment

Related questions

How to disable drag/drop when a dialog box is open
How to avoid 12 seconds delay when disonnecting from share in Windows 7?
Access file properties through PHP
Problems Compiling PHP with SSH2 pecl extension for Windows
Rsync does not properly set permissions on Windows folder
How to make a method run in the "background" (threading?)
Problems with glext.h
Mercurial: Problem with non-ascii letters in filenames between Windows and Linux
Copy Files with exact Structure into another Directory using XCopy
C# Windows Service - Started and then Stopped Automatically
How do I install ruby gem libxml without 'extconf failure: need libxml2'
Render to Desktop
How do I get the dimensions of the ImageRectangle in PictureBox?
How to handle a huge string correctly?
C++ library to handle eps/pdf
How to avoid loading symbols of windows dlls in remote debugging?
Windows Application - DPI Issues
How to maximize a window after minimizing it
Capture the call stack quickly
DOS choice batch command on Windows 2000 and higher (with default and timeout)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!