search

glmcdona / Process-Dump

Windows tool for dumping malware PE files from memory back to disk for analysis.
http://split-code.com/processdump.html
MIT License
1.66k stars 263 forks source link

Stop ProcessDump from hooking it's own processes NtProcessTermination #9

Closed glmcdona closed 8 years ago

glmcdona commented 8 years ago

If another app tries to close it abnormally, it can create a state where process dump gets stuck at the closing state.

glmcdona commented 8 years ago

Resolved.