Kevin O'Reilly

Results 88 comments of Kevin O'Reilly

Thanks for the heads up - will look into it.

Sorry I haven't yet been able to test this - I am building a 32-bit Win10 vm now to try and recreate. The latest capemon is always the one to...

I just got my win10x86 vm running and can see problems - setting minhook=1 alone was enough to get things running, suggesting a hook issue. I will begin hook testing...

Hi Amwami - I found that the hook for NtWaitForSingleObject causes issues with Win10x86 so I've disabled it on this platform (and Win8+) - please update to the latest commit...

I doubt Python is the problem. Can you please share the sample so I can test myself more efficiently.

But if the original filename contains certain characters and is unsanitized, will this not cause the entire web page to fail?

Thanks - looks like I should test these before merging.

I reverted this due to undesirable changes in representation of the parser output, for example QakBot: ![image](https://user-images.githubusercontent.com/22219888/189377687-c30868c9-a0ff-4dd0-a344-7aa449f22897.png) which should appear instead as: ![image](https://user-images.githubusercontent.com/22219888/189378026-f0bcb9a8-ac2a-4536-9e18-dec5e0c4e2ff.png) I am happy to work on this...

Yep this saves a TON of work hunting for bad hooks - thank you. I'll investigate asap.