Open ZGuardianTV opened 9 months ago
I think whats happening is that CRITICAL_STRUCTURE_CORRPUTION
and some other bug checks are called via KeBugCheck2
and not KeBugCheckEx
. Since this driver only hooks KeBugCheckEx
bug checks triggered by those can be avoided however those called by KeBugCheck2
can't. Either way KeBugCheck2
is only callable within ntoskrnl.exe
itself so something really went wrong badly if it is being called.
Oh yeah CRITICAL_STRUCTURE_CORRPUTION
could also be triggered because of Patch Guard since we are modifying code for an important function here.
When I run wininit.exe as administrator from taskmgr or other means except of cmd.exe the system bluescreens NoMoreBugCheck prevents that but when I try killing the wininit.exe instance started by my the instance of taskmgr when I used freezes and doesn't close any normal means to close it don't work and just give you the error "Access is denied" but when I go kill taskmgr from process hacker 2 the system bluescreens with the code CRITICAL_STRUCTURE_CORRPUTION