Closed ReverseKR closed 4 years ago
I want to hide process by modyifying ActiveProcessLinks, but it causes bsod by PatchGuard. Even I use ByePG, result is same. Can I use ByePG in this case?
Bsod code is CRITICAL_STRUCTURE_CORRUPTION
This bsod doesn't contain context in bugcheck args.
no you can not.
Why not?
no you can not. Why not?
PatchGuard clears stack memory before calling KeBugCheck so you won't be able to unwind the stack.
I want to hide process by modyifying ActiveProcessLinks, but it causes bsod by PatchGuard. Even I use ByePG, result is same. Can I use ByePG in this case?
Bsod code is CRITICAL_STRUCTURE_CORRUPTION
This bsod doesn't contain context in bugcheck args.