[FEATURE] Do not scan context of the running threads

hasherezade · Sep 7, 2024 · 8b5de3b · 8b5de3b
1 parent 5ccf524
commit 8b5de3b
Showing 1 changed file with 1 addition and 4 deletions.
diff --git a/scanners/thread_scanner.cpp b/scanners/thread_scanner.cpp
@@ -396,14 +396,11 @@ bool pesieve::ThreadScanner::reportSuspiciousAddr(ThreadScanReport* my_report, U
 // if extended info given, allow to filter out from the scan basing on the thread state and conditions
 bool should_scan_context(const util::thread_info& info)
 {
-	if (GetCurrentThreadId() == info.tid) {
-		return false; // don't scan the current thread
-	}
 	if (!info.is_extended) {
 		return true;
 	}
 	const KTHREAD_STATE state = (KTHREAD_STATE)info.ext.state;
-	if (state == Ready || state == Running) {
+	if (state == Ready) {
 		return true;
 	}
 	if (state == Terminated) {