I am setting a PLOAD_IMAGE_NOTIFY_ROUTINE to detect a specific image name and if there's a match, then terminate it. I am getting a KERNEL_APC_PENDING_DURING_EXIT BSOD though. The BSOD is happening somewhere in my KillProcess function which simply just opens a kernel handle with ObOpenObjectByPointer then calls ZwTerminateProcess on that handle.
What could be wrong? The code works fine outside the routine. Do I have to post it? I am getting a BSOD in my PLOAD_IMAGE_NOTIFY_ROUTINE when I call KillProcess.
Aucun commentaire:
Enregistrer un commentaire