NtCreateProcess遇到的问题
.686p
.model flat,stdcall
option casemap:none

include Windows.inc
include NtDll.inc
includelib NtDll.lib

OBJ_KERNEL_HANDLE equ 00000200h

.data?
hProc dd ?

.data
align 4
@Obj_Length DWORD 18h
@Obj_RootDirectory HANDLE 0
@Obj_ObjectName dword offset @Str_Length
@Obj_Attributes DWORD OBJ_KERNEL_HANDLE
@Obj_SecurityDescriptor PVOID 0
@Obj_SecurityQualityOfService PVOID 0

@Str_Length WORD 18h
@Str_MaximumLength WORD 20h
@Str_Buffer PWSTR offset ExePath

.const
ExePath dw '\','?','?','\','C',':','\','A','.','e','x','e',0

.code
Start:
invoke NtCreateProcess,offset hProc,PROCESS_ALL_ACCESS,offset @Obj_Length,-1,FALSE,0,0,0
invoke NtTerminateProcess,-1,0
end Start

总是返回0xC0000033 [STATUS_OBJECT_NAME_INVALID]
求解答！！！ToT！在下感激不尽ToT ToT ToT
[解决办法]
嘿嘿...