Hi,
I found my mistake, I need to use _SEGMENT instead of _SEGMENT_OBJECT, even if it is written different while analyzing structures from kernel debugger. I found that in calls to MapViewOfSection, there are some ControlAreas that have no FileObject associated? Can someone tell me why?
Many Thx!
