Feb 2016
Feb 29 2016 20:55
Hi spazzarama!
I went through the code and cannot explain to my self how we are supposed to patch the kernel on 64 bits Windows. I haven't found any code dedicated to disable PatchGuard. You should remove kernel hooking on x64 but instead use callback routines, such as PsSetCreateProcessNotifyRoutine(Ex).