grimesjo / malwarecookbook

Automatically exported from code.google.com/p/malwarecookbook
0 stars 0 forks source link

orphanthreads crashes when System process can't be found #13

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Volatile Systems Volatility Framework 1.4_rc1
PID    TID    Create Time               Exit Time                 Offset     
StartAddress
------ ------ ------------------------- ------------------------- ---------- 
------------
Traceback (most recent call last):
  File "vol.py", line 130, in <module>
    main()
  File "vol.py", line 121, in main
    command.execute()
  File "C:\Volatility-1.4_rc1\volatility\commands.py", line 101, in execute
    func(outfd, data)
  File "C:\Volatility-1.4_rc1\volatility\plugins\malware.py", line 2339, in render_text
    for ethread in data:
  File "C:\Volatility-1.4_rc1\volatility\plugins\malware.py", line 2327, in calculate
    pid = [p.UniqueProcessId for p in tasks.pslist(addr_space) if str(p.ImageFileName) == "System"][0]

Original issue reported on code.google.com by michael.hale@gmail.com on 28 Mar 2011 at 3:32

GoogleCodeExporter commented 8 years ago
This issue was closed by revision r51.

Original comment by michael.hale@gmail.com on 28 Mar 2011 at 3:35