Anton Akhmetshyn

Status is `STATUS_PROCESS_IS_TERMINATING`. Process termination check is pretty straightforward, so I don't know why it could happen if process isn't actually terminating.

Works fine on my 2 machines. Waht's exactly failing?

Any logs or trace messages?

Try adding some logs to your DllMain to see if it fails before or after injection.

> I will try to fix it and add a NoThread flag to Kernel Manual mapping. Currently this is user-mode only flag. I guess AC blocks thread creation in `LdrInitializeThunk`...

Remove waiting on sync event and setting that event in stub generator.

You need to rebuild it from latest sources or wait until I update binaries.

No idea. That error is `STATUS_INVALID_DEVICE_REQUEST` which I don't even use in blackbone sources.

Did you change the device name used to open device through CreateFile?

``` #define BLACKBONE_DEVICE_FILE L"\\\\.\\" BLACKBONE_DEVICE_NAME ```