undefined PROCESS_MITIGATION policies
Closed this issue · 3 comments
I am getting
PROCESS_MITIGATION_SYSTEM_CALL_FILTER_POLICY SystemCallFilterPolicy; PROCESS_MITIGATION_PAYLOAD_RESTRICTION_POLICY PayloadRestrictionPolicy; PROCESS_MITIGATION_CHILD_PROCESS_POLICY ChildProcessPolicy;
these structs as undefined. Just wondered if it is safe to comment them out as I got bsod after doing that but I am not sure if that could have anything to do with it.
I am guessing that these structs being undefined on your machine is due to having an older version of the WDK installed. Try installing the latest (10.0.17134.0 currently) and also make sure the SDK version is set to the same in the project properties:
However, it should have been safe to simply comment them out, as they are not used by PPLKiller and they also do not affect the size of the PROCESS_MITIGATION_POLICY_INFORMATION struct if left out.
If you still experience BSODs after upgrading the WDK, I will need some more details on the crash in order to diagnose it:
- Your OS info (major version, bitness and exact kernel version number).
- A crash dump (
.dmp) file. Make sure you have 'auto reboot on crash' disabled and dump type set to at least kernel memory dump level under advanced system settings. Any BSODs should now produce a.dmpfile in%SystemRoot%. (These can get pretty big but are highly compresssible, I recommend 7zip.) - The driver file (
.sys) and debug info (.pdb) you compiled. If the BSOD is caused by some kind of project/compiler misconfiguration, I may be able to reproduce the crash without a dump file.
Did you manage to resolve this?
Damn, it seems this problem was so serious that OP committed suicide over it. I don't see any other explanation for why someone would make a ticket and then not respond to queries afterwards, wasting both their own and my time.
Closed.