2 Attachment(s)
Disabling PatchGuard-Driver Signing Bypass for X64 Windows 7
This is a simple method to successfully disable the driver signature enforcement and
kernel patch protection on X64 version of Windows 7
This instruction assumes you run Windows with administrator account, no UAC, etc...
How to use:
Download attached disable_pg_ds.rar
Place files to desktop, execute in order:
- cmd
- exe
- cmd
after execute all three, is safe to delete the files and directory %userprofile%\desktop\patch_temp
upon reboot menu will present boot option "PatchGuard Disabled" ... which allows for loading
of unsigned X64 bit drivers, and hooking inside ntoskrnl.
newly created registry service key entries, delete REG_DWORD WOW64
How to uninstall:
open cmd.exe and input:
bcdedit /delete {46595952-454E-4F50-4747-554944FFFFFF}
now from \windows\system32 delete: ntkrnlmp.exe & osload.exe
After disabling PatchGuard and driver signature enforcement you can now also hide and unhide processes on X64 Windows 7 using ,for example, hidecon utility.
The utility has two parts: console program, and driver. The driver works by locating PsActiveProcessHead and use of some linked-list macros to hide/unhide processes.
Fyyre
:patching:
[Only registered and activated users can see links. Click Here To Register...] for hide.rar
[Only registered and activated users can see links. Click Here To Register...] for disable_pg_ds.rar
Such high results are obviously because of illegal nature what those patches are made to do to your system files :)
issues with build 7601.17944?
Hi Fayyre
I've been a user of your excellent patchguard disable tool for a number of years, but i'm running into a problem recently with the latest win7 SP1 build - 17944. Even though the tool seems to run through successfully, as soon as i try to install an unsigned dll, the Program compatibility assistant kicks in and won't let me load the driver! tried it a few times, but no success.
Can you help at all?