[求助][求助]老是BOSD,请各位高手指点下
还是不行。。
我把执行过程贴一下看看有用不?
hookKeInsertQueueApc!fake_my_native_api+0x2:
fcbc0642 55 push ebp
kd> p
hookKeInsertQueueApc!fake_my_native_api+0x3:
fcbc0643 8bec mov ebp,esp
kd> p
hookKeInsertQueueApc!fake_my_native_api+0x5:
fcbc0645 60 pushad
kd> p
hookKeInsertQueueApc!fake_my_native_api+0x6:
fcbc0646 8b4508 mov eax,dword ptr [ebp+8]
kd> p
hookKeInsertQueueApc!fake_my_native_api+0xf:
fcbc064f 8b55f4 mov edx,dword ptr [ebp-0Ch]
kd> p
hookKeInsertQueueApc!fake_my_native_api+0x1b:
fcbc065b 8b4dfc mov ecx,dword ptr [ebp-4]
kd> p
hookKeInsertQueueApc!fake_my_native_api+0x27:
fcbc0667 682006bcfc push offset hookKeInsertQueueApc!un_hook_native_api+0x40 (fcbc0620)
kd> p
Access violation - code c0000005 (!!! second chance !!!)
nt!SeLockSubjectContext+0x1a:
80565a37 ff7030