PAE patch updated for Windows 10
This patch allows you to use more than 3/4GB of RAM on an x86 Windows system. Works on Windows Vista SP2, Windows 7 SP0, Windows 7 SP1, Windows 8, Windows 8.1 a...
Category: Windows
PAE patch updated for Windows 8.1
Note: An updated version for Windows 10 is available. This patch allows you to use more than 3/4GB of RAM on an x86 Windows system. Works on Windows Vista SP2, ...
PAE patch updated for Windows 8
Note: An updated version for Windows 8.1 is available. This patch allows you to use more than 3/4GB of RAM on an x86 Windows system. Works on Vista, 7, 8, has b...
Introducing WJ’s Backup
Recently I became frustrated with Cobian Backup. It was the only free software I could find that: supported incremental backups, supported Volume Shadow Copy, a...
PAE patch updated for Windows 7 SP1
Note: An updated version for Windows 8 is available. This patch allows you to use more than 3/4GB of RAM on an x86 Windows system. Works on Vista and 7, has bee...
PAE patch updated for Windows 7
Note: An updated version for Windows 7 SP1 is available. This patch allows you to use more than 3/4GB of RAM on an x86 Windows system. Works on Vista and 7, has...
HOWTO: Use I_QueryTagInformation
Process Explorer 12 includes a new feature whereby you can view service names associated with threads. To find out how this works, read this article by Alex Ion...
Get the image file name of any process from any user on Vista and above
On Vista and above there is an information class for NtQuerySystemInformation which I call SystemProcessImageNameInformation (88). (Note that I reverse-engineer...
NtQuerySystemInformation: a simple way to bypass rootkits which hide processes by hooking
You’ve probably seen code like this: NTSTATUS MyRootkitNtQuerySystemInformation( ULONG SystemInformationClass, PVOID SystemInformation, ULONG SystemInform...
HOWTO: Implement your own NtOpenProcess in kernel-mode
Writing a system utility but annoyed by the fact that you can’t open the processes of security software and rootkits, instead receiving “Access Deni...