Removed unused / unstable / untested features.

17 files changed, 1 insertions, 1032 deletions

diff --git a/KMemDriver/Crypto.c b/KMemDriver/Crypto.c
deleted file mode 100644
index 3d4c35e..0000000
--- a/KMemDriver/Crypto.c
+++ /dev/null
@@ -1,37 +0,0 @@
-#include "Crypto.h"
-
-#include <stdarg.h>
-
-struct crypt_data {
-	UINT64 key;
-	UINT8 crypted;
-	UINT8 used;
-};
-
-static struct crypt_data* data = NULL;
-static size_t data_used = 0;
-
-void CryptoInit(PVOID fn, ...)
-{
-	SIZE_T functions = 0;
-	va_list ap;
-
-	va_start(ap, fn);
-	while (va_arg(ap, PVOID) != NULL)
-	{
-		functions++;
-	}
-	va_end(ap);
-
-	va_start(ap, fn);
-	PVOID f;
-	while ((f = va_arg(ap, PVOID)) != NULL)
-	{
-	}
-	va_end(ap);
-}
-
-void CryptoDo(PVOID fn)
-{
-	UNREFERENCED_PARAMETER(fn);
-}
\ No newline at end of file
diff --git a/KMemDriver/Crypto.h b/KMemDriver/Crypto.h
deleted file mode 100644
index 8314caa..0000000
--- a/KMemDriver/Crypto.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#pragma once
-
-#include <ntddk.h>
-
-void CryptoInit(PVOID fn, ...);
-void CryptoDo(PVOID fn);
-
-#define CRYPTO_FNPTR(fn) ((PVOID)fn)
-
-#define CRYPT_PROLOGUE() \
-	do { \
-		volatile UINT64 index_and_marker = { 0x11111111C0DEC0DE }; \
-		UNREFERENCED_PARAMETER(index_and_marker); \
-	} while (0)
-#define CRYPT_EPILOGUE() \
-	do { \
-		volatile UINT32 marker = 0xDEADDEAD;\
-		UNREFERENCED_PARAMETER(marker); \
-	} while (0)
\ No newline at end of file
diff --git a/KMemDriver/Imports.h b/KMemDriver/Imports.h
index 48bc882..265a556 100644
--- a/KMemDriver/Imports.h
+++ b/KMemDriver/Imports.h
@@ -140,14 +140,6 @@ PVOID
 NTAPI
 PsGetProcessWow64Process(IN PEPROCESS Process);
 
-NTSYSAPI
-PVOID
-NTAPI
-RtlAvlRemoveNode(
-	IN PRTL_AVL_TREE pTree,
-	IN PMMADDRESS_NODE pNode
-);
-
 __kernel_entry
 NTSTATUS
 ZwQuerySystemInformation(
diff --git a/KMemDriver/KMemDriver.c b/KMemDriver/KMemDriver.c
index 7639d8f..80dc135 100644
--- a/KMemDriver/KMemDriver.c
+++ b/KMemDriver/KMemDriver.c
@@ -1,7 +1,6 @@
 #include "KMemDriver.h"
 #include "Imports.h"
 #include "Native.h"
-#include "Crypto.h"
 
 #include <ntddk.h>
 #include <Ntstrsafe.h>
@@ -79,29 +78,6 @@ NTSTATUS GetDriverObject(
 	IN WCHAR* DriverDirName
 );
 NTSTATUS KRThread(IN PVOID pArg);
-TABLE_SEARCH_RESULT VADFindNodeOrParent(
-	IN PMM_AVL_TABLE Table,
-	IN ULONG_PTR StartingVpn,
-	OUT PMMADDRESS_NODE* NodeOrParent
-);
-NTSTATUS VADFind(
-	IN PEPROCESS pProcess,
-	IN ULONG_PTR address,
-	OUT PMMVAD_SHORT* pResult
-);
-NTSTATUS VADProtect(
-	IN PEPROCESS pProcess,
-	IN ULONG_PTR address,
-	IN ULONG prot
-);
-NTSTATUS VADUnlink(
-	IN PEPROCESS pProcess,
-	IN ULONG_PTR address
-);
-PHANDLE_TABLE_ENTRY ExpLookupHandleTableEntry(
-	PVOID pHandleTable,
-	HANDLE handle
-);
 
 #pragma alloc_text(PAGE, WaitForControlProcess)
 #pragma alloc_text(PAGE, VerifyControlProcess)
@@ -119,11 +95,6 @@ PHANDLE_TABLE_ENTRY ExpLookupHandleTableEntry(
 #pragma alloc_text(PAGE, FreeMemoryFromProcess)
 #pragma alloc_text(PAGE, GetDriverObject)
 #pragma alloc_text(PAGE, KRThread)
-#pragma alloc_text(PAGE, VADFindNodeOrParent)
-#pragma alloc_text(PAGE, VADFind)
-#pragma alloc_text(PAGE, VADProtect)
-#pragma alloc_text(PAGE, VADUnlink)
-#pragma alloc_text(PAGE, ExpLookupHandleTableEntry)
 
 static void fn_zero_text(PVOID fn_start);
 static HANDLE ctrlPID;
@@ -140,8 +111,6 @@ NTSTATUS DriverEntry(
 	_In_  PUNICODE_STRING RegistryPath
 )
 {
-	CryptoInit(CRYPTO_FNPTR(DriverEntry), NULL);
-	CRYPT_PROLOGUE();
 	NTSTATUS status;
 	HANDLE hThread = NULL;
 	CLIENT_ID clientID = { 0 };
@@ -163,7 +132,6 @@ NTSTATUS DriverEntry(
 	{
 		KDBG("Failed to create worker thread. Status: 0x%X\n", status);
 	}
-	CRYPT_EPILOGUE();
 
 	return status;
 }
@@ -647,22 +615,6 @@ NTSTATUS KRThread(IN PVOID pArg)
 						KeWriteVirtualMemory(ctrlPEP, vr, (PVOID)SHMEM_ADDR, &siz);
 						break;
 					}
-					case MEM_VUNLINK: {
-						PKERNEL_VUNLINK_REQUEST vr = (PKERNEL_VUNLINK_REQUEST)shm_buf;
-						KDBG("Got a VUNLINK to process 0x%X, address 0x%p\n",
-							vr->ProcessId, vr->Address);
-						if (!NT_SUCCESS(UpdatePPEPIfRequired(vr->ProcessId,
-							lastPID, &lastPROC, &lastPEP)))
-						{
-							running = 0;
-							break;
-						}
-						vr->StatusRes = VADUnlink(lastPEP, (ULONG_PTR)vr->Address);
-
-						siz = sizeof * vr;
-						KeWriteVirtualMemory(ctrlPEP, vr, (PVOID)SHMEM_ADDR, &siz);
-						break;
-					}
 					case MEM_EXIT:
 						KDBG("Gracefully exiting ..\n");
 						KeClearEvent(pk_kevent);
@@ -785,29 +737,4 @@ NTSTATUS GetDriverObject(
 	}
 
 	return status;
-}
-
-PHANDLE_TABLE_ENTRY ExpLookupHandleTableEntry(PVOID pHandleTable, HANDLE handle)
-{
-	unsigned __int64 v2; // rdx
-	__int64 v3; // r8
-	signed __int64 v4; // rax
-	__int64 v5; // rax
-
-	v2 = (__int64)handle & 0xFFFFFFFFFFFFFFFCui64;
-	if (v2 >= *(DWORD*)pHandleTable)
-		return 0i64;
-	v3 = *((uintptr_t*)pHandleTable + 1);
-	v4 = *((uintptr_t*)pHandleTable + 1) & 3i64;
-	if ((UINT32)v4 == 1)
-	{
-		v5 = *(uintptr_t*)(v3 + 8 * (v2 >> 10) - 1);
-		return (PHANDLE_TABLE_ENTRY)(v5 + 4 * (v2 & 0x3FF));
-	}
-	if ((UINT32)v4)
-	{
-		v5 = *(uintptr_t*)(*(uintptr_t*)(v3 + 8 * (v2 >> 19) - 2) + 8 * ((v2 >> 10) & 0x1FF));
-		return (PHANDLE_TABLE_ENTRY)(v5 + 4 * (v2 & 0x3FF));
-	}
-	return (PHANDLE_TABLE_ENTRY)(v3 + 4 * v2);
 }
\ No newline at end of file
diff --git a/KMemDriver/KMemDriver.vcxproj b/KMemDriver/KMemDriver.vcxproj
index 3d6507e..0d90e7f 100644
--- a/KMemDriver/KMemDriver.vcxproj
+++ b/KMemDriver/KMemDriver.vcxproj
@@ -173,23 +173,15 @@
     <FilesToPackage Include="$(TargetPath)" />
   </ItemGroup>
   <ItemGroup>
-    <ClCompile Include="Crypto.c" />
     <ClCompile Include="KMemDriver.c" />
     <ClCompile Include="Memory.c" />
-    <ClCompile Include="VAD.c" />
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="..\include\KMemDriver.h" />
-    <ClInclude Include="Crypto.h" />
     <ClInclude Include="Imports.h" />
     <ClInclude Include="Native.h" />
   </ItemGroup>
   <ItemGroup>
-    <MASM Include="Utils.asm">
-      <GenerateDebugInformation Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</GenerateDebugInformation>
-    </MASM>
-  </ItemGroup>
-  <ItemGroup>
     <None Include="..\PastDSE-Manual-Map-Debug.bat" />
     <None Include="..\PastDSE-Manual-Map-Release.bat" />
   </ItemGroup>
diff --git a/KMemDriver/KMemDriver.vcxproj.filters b/KMemDriver/KMemDriver.vcxproj.filters
index 7e60a14..9fff68f 100644
--- a/KMemDriver/KMemDriver.vcxproj.filters
+++ b/KMemDriver/KMemDriver.vcxproj.filters
@@ -20,9 +20,6 @@
     <ClInclude Include="..\include\KMemDriver.h">
       <Filter>Header Files</Filter>
     </ClInclude>
-    <ClInclude Include="Crypto.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="KMemDriver.c">
@@ -31,17 +28,6 @@
     <ClCompile Include="Memory.c">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="VAD.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="Crypto.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-  </ItemGroup>
-  <ItemGroup>
-    <MASM Include="Utils.asm">
-      <Filter>Source Files</Filter>
-    </MASM>
   </ItemGroup>
   <ItemGroup>
     <None Include="..\PastDSE-Manual-Map-Debug.bat">
diff --git a/KMemDriver/Memory.c b/KMemDriver/Memory.c
index 86d3f8c..0717d97 100644
--- a/KMemDriver/Memory.c
+++ b/KMemDriver/Memory.c
@@ -346,54 +346,4 @@ NTSTATUS ReadPhysicalPage(IN PHYSICAL_ADDRESS* addr, OUT PUCHAR content, IN OUT
 
 	mm.PhysicalAddress = *(PHYSICAL_ADDRESS*)addr;
 	return MmCopyMemory(content, mm, 4096, MM_COPY_MEMORY_PHYSICAL, content_size_and_transferred);
-}
-
-SIZE_T GetCR3(IN PEPROCESS pep)
-{
-	SIZE_T ret;
-	KAPC_STATE apcState;
-
-	KeStackAttachProcess((PRKPROCESS)pep, &apcState);
-	ret = __readcr3();
-	KeUnstackDetachProcess(&apcState);
-
-	return ret;
-}
-
-void SetCR3(IN PEPROCESS pep, IN SIZE_T value)
-{
-	KAPC_STATE apcState;
-
-	KeStackAttachProcess((PRKPROCESS)pep, &apcState);
-	__writecr3(value);
-	KeUnstackDetachProcess(&apcState);
-}
-
-static ULONG_PTR invalidate_tlb(ULONG_PTR addr)
-{
-	__invlpg(addr);
-	return 0;
-}
-
-void FlushTLB(IN PVOID addr)
-{
-	KeIpiGenericCall(invalidate_tlb, (ULONG_PTR)addr);
-}
-
-#define IA32_PAT 0x277
-
-SIZE_T GetIA32PAT(void)
-{
-	return __readmsr(IA32_PAT);
-}
-
-static ULONG_PTR set_pat(ULONG_PTR pat)
-{
-	__writemsr(IA32_PAT, pat);
-	return 0;
-}
-
-void SetIA32PAT(IN SIZE_T value)
-{
-	KeIpiGenericCall(set_pat, value);
 }
\ No newline at end of file
diff --git a/KMemDriver/Native.h b/KMemDriver/Native.h
index ed2fe1e..cdfb646 100644
--- a/KMemDriver/Native.h
+++ b/KMemDriver/Native.h
@@ -4,10 +4,6 @@
 
 #define GET_VAD_ROOT(Table) Table->BalancedRoot
 
-typedef enum native_offsets {
-	VAD_TREE_1803 = 0x628
-} native_offsets;
-
 typedef struct _PEB_LDR_DATA
 {
 	ULONG Length;
@@ -139,243 +135,6 @@ typedef struct _KLDR_DATA_TABLE_ENTRY {
 #pragma warning(disable : 4214 4201)
 #pragma pack(push, 1)
 
-typedef struct _MM_AVL_NODE // Size=24
-{
-	struct _MM_AVL_NODE* LeftChild; // Size=8 Offset=0
-	struct _MM_AVL_NODE* RightChild; // Size=8 Offset=8
-
-	union // Size=8
-	{
-		struct
-		{
-			__int64  Red : 1; // Size=8 Offset=0 BitOffset=0 BitCount=1
-		};
-		struct
-		{
-			__int64  Balance : 2; // Size=8 Offset=0 BitOffset=0 BitCount=2
-		};
-		struct _MM_AVL_NODE* Parent; // Size=8 Offset=0
-	};
-} MM_AVL_NODE, * PMM_AVL_NODE, * PMMADDRESS_NODE;
-
-union _EX_PUSH_LOCK // Size=8
-{
-	struct
-	{
-		unsigned __int64 Locked : 1; // Size=8 Offset=0 BitOffset=0 BitCount=1
-		unsigned __int64 Waiting : 1; // Size=8 Offset=0 BitOffset=1 BitCount=1
-		unsigned __int64 Waking : 1; // Size=8 Offset=0 BitOffset=2 BitCount=1
-		unsigned __int64 MultipleShared : 1; // Size=8 Offset=0 BitOffset=3 BitCount=1
-		unsigned __int64 Shared : 60; // Size=8 Offset=0 BitOffset=4 BitCount=60
-	};
-	unsigned __int64 Value; // Size=8 Offset=0
-	void* Ptr; // Size=8 Offset=0
-};
-
-struct _MMVAD_FLAGS // Size=4
-{
-	unsigned long VadType : 3; // Size=4 Offset=0 BitOffset=0 BitCount=3
-	unsigned long Protection : 5; // Size=4 Offset=0 BitOffset=3 BitCount=5
-	unsigned long PreferredNode : 6; // Size=4 Offset=0 BitOffset=8 BitCount=6
-	unsigned long NoChange : 1; // Size=4 Offset=0 BitOffset=14 BitCount=1
-	unsigned long PrivateMemory : 1; // Size=4 Offset=0 BitOffset=15 BitCount=1
-	unsigned long Teb : 1; // Size=4 Offset=0 BitOffset=16 BitCount=1
-	unsigned long PrivateFixup : 1; // Size=4 Offset=0 BitOffset=17 BitCount=1
-	unsigned long ManySubsections : 1; // Size=4 Offset=0 BitOffset=18 BitCount=1
-	unsigned long Spare : 12; // Size=4 Offset=0 BitOffset=19 BitCount=12
-	unsigned long DeleteInProgress : 1; // Size=4 Offset=0 BitOffset=31 BitCount=1
-};
-
-struct _MMVAD_FLAGS1 // Size=4
-{
-	unsigned long CommitCharge : 31; // Size=4 Offset=0 BitOffset=0 BitCount=31
-	unsigned long MemCommit : 1; // Size=4 Offset=0 BitOffset=31 BitCount=1
-};
-
-union MMVAD_SHORT_u1 // Size=4
-{
-	unsigned long LongFlags; // Size=4 Offset=0
-	struct _MMVAD_FLAGS VadFlags; // Size=4 Offset=0
-};
-
-union MMVAD_SHORT_u2 // Size=4
-{
-	unsigned long LongFlags1; // Size=4 Offset=0
-	struct _MMVAD_FLAGS1 VadFlags1; // Size=4 Offset=0
-};
-
-typedef struct _MMVAD_SHORT // Size=64
-{
-	union
-	{
-		struct _RTL_BALANCED_NODE VadNode; // Size=24 Offset=0
-		struct _MMVAD_SHORT* NextVad; // Size=8 Offset=0
-	};
-	unsigned long StartingVpn; // Size=4 Offset=24
-	unsigned long EndingVpn; // Size=4 Offset=28
-	unsigned char StartingVpnHigh; // Size=1 Offset=32
-	unsigned char EndingVpnHigh; // Size=1 Offset=33
-	unsigned char CommitChargeHigh; // Size=1 Offset=34
-	unsigned char SpareNT64VadUChar; // Size=1 Offset=35
-	long ReferenceCount; // Size=4 Offset=36
-	union _EX_PUSH_LOCK PushLock; // Size=8 Offset=40
-	union MMVAD_SHORT_u1 u; // Size=4 Offset=48
-	union MMVAD_SHORT_u2 u1; // Size=4 Offset=52
-	struct _MI_VAD_EVENT_BLOCK* EventList; // Size=8 Offset=56
-} MMVAD_SHORT, * PMMVAD_SHORT;
-
-struct _MMVAD_FLAGS2 // Size=4
-{
-	unsigned long FileOffset : 24; // Size=4 Offset=0 BitOffset=0 BitCount=24
-	unsigned long Large : 1; // Size=4 Offset=0 BitOffset=24 BitCount=1
-	unsigned long TrimBehind : 1; // Size=4 Offset=0 BitOffset=25 BitCount=1
-	unsigned long Inherit : 1; // Size=4 Offset=0 BitOffset=26 BitCount=1
-	unsigned long CopyOnWrite : 1; // Size=4 Offset=0 BitOffset=27 BitCount=1
-	unsigned long NoValidationNeeded : 1; // Size=4 Offset=0 BitOffset=28 BitCount=1
-	unsigned long Spare : 3; // Size=4 Offset=0 BitOffset=29 BitCount=3
-};
-
-struct _MI_VAD_SEQUENTIAL_INFO // Size=8
-{
-	unsigned __int64 Length : 12; // Size=8 Offset=0 BitOffset=0 BitCount=12
-	unsigned __int64 Vpn : 52; // Size=8 Offset=0 BitOffset=12 BitCount=52
-};
-
-union ___unnamed2047 // Size=4
-{
-	unsigned long LongFlags2; // Size=4 Offset=0
-	struct _MMVAD_FLAGS2 VadFlags2; // Size=4 Offset=0
-};
-
-union ___unnamed2048 // Size=8
-{
-	struct _MI_VAD_SEQUENTIAL_INFO SequentialVa; // Size=8 Offset=0
-	struct _MMEXTEND_INFO* ExtendedInfo; // Size=8 Offset=0
-};
-
-typedef union _EX_FAST_REF // Size=8
-{
-	void* Object;
-	struct
-	{
-		unsigned __int64 RefCnt : 4;
-	};
-	unsigned __int64 Value;
-} EX_FAST_REF, * PEX_FAST_REF;
-
-typedef struct _CONTROL_AREA // Size=120
-{
-	struct _SEGMENT* Segment;
-	struct _LIST_ENTRY ListHead;
-	unsigned __int64 NumberOfSectionReferences;
-	unsigned __int64 NumberOfPfnReferences;
-	unsigned __int64 NumberOfMappedViews;
-	unsigned __int64 NumberOfUserReferences;
-	unsigned long f1;
-	unsigned long f2;
-	EX_FAST_REF FilePointer;
-	// Other fields
-} CONTROL_AREA, * PCONTROL_AREA;
-
-typedef struct _SUBSECTION // Size=56
-{
-	PCONTROL_AREA ControlArea;
-	// Other fields
-} SUBSECTION, * PSUBSECTION;
-
-typedef struct _MMVAD // Size=128
-{
-	struct _MMVAD_SHORT Core; // Size=64 Offset=0
-	union ___unnamed2047 u2; // Size=4 Offset=64
-	unsigned long pad0;  // Size=4 Offset=68
-	struct _SUBSECTION* Subsection; // Size=8 Offset=72
-	struct _MMPTE* FirstPrototypePte; // Size=8 Offset=80
-	struct _MMPTE* LastContiguousPte; // Size=8 Offset=88
-	struct _LIST_ENTRY ViewLinks; // Size=16 Offset=96
-	struct _EPROCESS* VadsProcess; // Size=8 Offset=112
-	union ___unnamed2048 u4; // Size=8 Offset=120
-	struct _FILE_OBJECT* FileObject; // Size=8 Offset=128
-} MMVAD, * PMMVAD;
-
-typedef enum _MI_VAD_TYPE
-{
-	VadNone,
-	VadDevicePhysicalMemory,
-	VadImageMap,
-	VadAwe,
-	VadWriteWatch,
-	VadLargePages,
-	VadRotatePhysical,
-	VadLargePageSection
-} MI_VAD_TYPE, * PMI_VAD_TYPE;
-
-typedef struct _RTL_AVL_TREE // Size=8
-{
-	PMM_AVL_NODE BalancedRoot;
-	void* NodeHint;
-	UINT64 NumberGenericTableElements;
-} RTL_AVL_TREE, * PRTL_AVL_TREE, MM_AVL_TABLE, * PMM_AVL_TABLE;
-
-typedef struct _HANDLE_TABLE_ENTRY_INFO {
-	UINT32 AuditMask;
-	UINT32 MaxRelativeAccessMask;
-} HANDLE_TABLE_ENTRY_INFO, * PHANDLE_TABLE_ENTRY_INFO;
-
-typedef struct _HANDLE_TABLE_ENTRY
-{
-	union
-	{
-		PVOID Object;
-		ULONG ObAttributes;
-		PHANDLE_TABLE_ENTRY_INFO InfoTable;
-		ULONG Value;
-	};
-	union
-	{
-		ULONG GrantedAccess;
-		struct
-		{
-			SHORT GrantedAccessIndex;
-			SHORT CreatorBackTraceIndex;
-		};
-		LONG NextFreeTableEntry;
-	};
-} HANDLE_TABLE_ENTRY, * PHANDLE_TABLE_ENTRY;
-
-typedef struct _HANDLE_TABLE_FREE_LIST
-{
-	EX_PUSH_LOCK FreeListLock;
-	PHANDLE_TABLE_ENTRY FirstFreeHandleEntry;
-	PHANDLE_TABLE_ENTRY LastFreeHandleEntry;
-	UINT32 HandleCount;
-	UINT32 HighWaterMark;
-} HANDLE_TABLE_FREE_LIST, * PHANDLE_TABLE_FREE_LIST;
-
-typedef struct _HANDLE_TABLE
-{
-	UINT32 NextHandleNeedingPool;
-	UINT32 ExtraInfoPages;
-	UINT32 TableCode;
-	PEPROCESS QuotaProcess;
-	LIST_ENTRY HandleTableList;
-	UINT32 UniqueProcessId;
-	union {
-		UINT32 Flags;
-		struct {
-			UINT32 StrictFIFO : 1;
-			UINT32 EnableHandleExceptions : 1;
-			UINT32 Rundown : 1;
-			UINT32 Duplicated : 1;
-			UINT32 RaiseUMExceptionOnInvalidHandleClose : 1;
-		};
-	};
-	EX_PUSH_LOCK HandleContentionEvent;
-	EX_PUSH_LOCK HandleTableLock;
-	HANDLE_TABLE_FREE_LIST FreeLists;
-	UCHAR ActualEntry[32];
-	PVOID DebugInfo;
-} PHANDLE_TABLE;
-
 typedef struct _SYSTEM_PROCESS_INFORMATION {
 	ULONG NextEntryOffset;
 	ULONG NumberOfThreads;
diff --git a/KMemDriver/Utils.asm b/KMemDriver/Utils.asm
deleted file mode 100644
index b7c344e..0000000
--- a/KMemDriver/Utils.asm
+++ /dev/null
@@ -1,11 +0,0 @@
-PUBLIC getNextRIP
-
-.code _text
-
-getNextRIP PROC PUBLIC
-pop rax
-push rax
-ret
-getNextRIP ENDP
-
-END
\ No newline at end of file
diff --git a/KMemDriver/VAD.c b/KMemDriver/VAD.c
deleted file mode 100644
index bb3cbb6..0000000
--- a/KMemDriver/VAD.c
+++ /dev/null
@@ -1,170 +0,0 @@
-#include "KMemDriver.h"
-#include "Imports.h"
-#include "Native.h"
-
-#include <ntddk.h>
-#include <Ntstrsafe.h>
-
-#define MM_ZERO_ACCESS         0
-
-
-TABLE_SEARCH_RESULT
-VADFindNodeOrParent(
-	IN PMM_AVL_TABLE Table,
-	IN ULONG_PTR StartingVpn,
-	OUT PMMADDRESS_NODE *NodeOrParent
-)
-{
-	PMMADDRESS_NODE Child;
-	PMMADDRESS_NODE NodeToExamine;
-	PMMVAD_SHORT    VpnCompare;
-	ULONG_PTR       startVpn;
-	ULONG_PTR       endVpn;
-
-	if (Table->NumberGenericTableElements == 0) {
-		return TableEmptyTree;
-	}
-
-	NodeToExamine = (PMMADDRESS_NODE)GET_VAD_ROOT(Table);
-
-	for (;;) {
-
-		VpnCompare = (PMMVAD_SHORT)NodeToExamine;
-		startVpn = VpnCompare->StartingVpn;
-		endVpn = VpnCompare->EndingVpn;
-
-		startVpn |= (ULONG_PTR)VpnCompare->StartingVpnHigh << 32;
-		endVpn |= (ULONG_PTR)VpnCompare->EndingVpnHigh << 32;
-
-		KDBG("Examining Node 0x%p with start VA 0x%p and end VA 0x%p\n", VpnCompare, startVpn, endVpn);
-
-		//
-		// Compare the buffer with the key in the tree element.
-		//
-
-		if (StartingVpn < startVpn) {
-
-			Child = NodeToExamine->LeftChild;
-
-			if (Child != NULL) {
-				NodeToExamine = Child;
-			}
-			else {
-
-				//
-				// Node is not in the tree.  Set the output
-				// parameter to point to what would be its
-				// parent and return which child it would be.
-				//
-
-				*NodeOrParent = NodeToExamine;
-				return TableInsertAsLeft;
-			}
-		}
-		else if (StartingVpn <= endVpn) {
-
-			//
-			// This is the node.
-			//
-
-			*NodeOrParent = NodeToExamine;
-			return TableFoundNode;
-		}
-		else {
-
-			Child = NodeToExamine->RightChild;
-
-			if (Child != NULL) {
-				NodeToExamine = Child;
-			}
-			else {
-
-				//
-				// Node is not in the tree.  Set the output
-				// parameter to point to what would be its
-				// parent and return which child it would be.
-				//
-
-				*NodeOrParent = NodeToExamine;
-				return TableInsertAsRight;
-			}
-		}
-	}
-}
-
-NTSTATUS VADFind(
-	IN PEPROCESS pProcess,
-	IN ULONG_PTR address,
-	OUT PMMVAD_SHORT* pResult
-)
-{
-	NTSTATUS status = STATUS_SUCCESS;
-	ULONG_PTR vpnStart = address >> PAGE_SHIFT;
-	PMM_AVL_TABLE pTable = (PMM_AVL_TABLE)((PUCHAR)pProcess + VAD_TREE_1803);
-	PMM_AVL_NODE pNode = GET_VAD_ROOT(pTable);
-
-	if (pProcess == NULL || pResult == NULL)
-		return STATUS_INVALID_PARAMETER;
-
-	// Search VAD
-	if (VADFindNodeOrParent(pTable, vpnStart, &pNode) == TableFoundNode)
-	{
-		*pResult = (PMMVAD_SHORT)pNode;
-	}
-	else
-	{
-		KDBG("%s: VAD entry for address 0x%p not found\n", __FUNCTION__, address);
-		status = STATUS_NOT_FOUND;
-	}
-
-	return status;
-}
-
-NTSTATUS VADProtect(
-	IN PEPROCESS pProcess,
-	IN ULONG_PTR address, IN ULONG prot
-)
-{
-	NTSTATUS status = STATUS_SUCCESS;
-	PMMVAD_SHORT pVadShort = NULL;
-
-	status = VADFind(pProcess, address, &pVadShort);
-	if (NT_SUCCESS(status))
-		pVadShort->u.VadFlags.Protection = prot;
-
-	return status;
-}
-
-NTSTATUS VADUnlink(IN PEPROCESS pProcess, IN ULONG_PTR address)
-{
-	NTSTATUS status = STATUS_SUCCESS;
-	PMMVAD_SHORT pVadShort = NULL;
-
-	status = VADFind(pProcess, address, &pVadShort);
-	if (!NT_SUCCESS(status))
-		return status;
-
-	// Erase image name
-	if (pVadShort->u.VadFlags.VadType == VadImageMap)
-	{
-		PMMVAD pVadLong = (PMMVAD)pVadShort;
-		if (pVadLong->Subsection && pVadLong->Subsection->ControlArea && pVadLong->Subsection->ControlArea->FilePointer.Object)
-		{
-			PFILE_OBJECT pFile = (PFILE_OBJECT)(pVadLong->Subsection->ControlArea->FilePointer.Value & ~0xF);
-			pFile->FileName.Buffer[0] = L'\0';
-			pFile->FileName.Length = 0;
-		}
-		else
-			return STATUS_INVALID_ADDRESS;
-	}
-	// Make NO_ACCESS
-	else if (pVadShort->u.VadFlags.VadType == VadDevicePhysicalMemory)
-	{
-		pVadShort->u.VadFlags.Protection = MM_ZERO_ACCESS;
-	}
-	else {
-		RtlAvlRemoveNode((PMM_AVL_TABLE)((PUCHAR)pProcess + VAD_TREE_1803), (PMMADDRESS_NODE)pVadShort);
-	}
-
-	return status;
-}
\ No newline at end of file
diff --git a/MemDriverLib/DX11Manager.cpp b/MemDriverLib/DX11Manager.cpp
deleted file mode 100644
index ab376aa..0000000
--- a/MemDriverLib/DX11Manager.cpp
+++ /dev/null
@@ -1,114 +0,0 @@
-#include "stdafx.h"
-#include "DX11Manager.h"
-
-#include <Windows.h>
-
-#pragma comment (lib, "D3D11.lib")
-
-struct DDataIntern {
-	IDXGISwapChain * SwapChain;
-	ID3D11Device * Device;
-	ID3D11DeviceContext * DeviceContext;
-};
-
-static LRESULT CALLBACK WinProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
-{
-	switch (message)
-	{
-	case(WM_DESTROY):
-		PostQuitMessage(0);
-		return 0;
-		break;
-	default:
-		return DefWindowProc(hWnd, message, wParam, lParam);
-		break;
-	}
-}
-
-static HRESULT InitD3D(struct DDataIntern * const data, HWND hWnd)
-{
-	DXGI_SWAP_CHAIN_DESC SwapChainDesc;
-
-	ZeroMemory(&SwapChainDesc, sizeof(DXGI_SWAP_CHAIN_DESC));
-	SwapChainDesc.BufferCount = 1;
-	SwapChainDesc.BufferDesc.Format = DXGI_FORMAT_R8G8B8A8_UNORM;
-	SwapChainDesc.BufferUsage = DXGI_USAGE_RENDER_TARGET_OUTPUT;
-	SwapChainDesc.OutputWindow = hWnd;
-	SwapChainDesc.SampleDesc.Count = 4;
-	SwapChainDesc.Windowed = true;
-
-	return D3D11CreateDeviceAndSwapChain(NULL, D3D_DRIVER_TYPE_HARDWARE, NULL, NULL, NULL, NULL, D3D11_SDK_VERSION, &SwapChainDesc,
-		&data->SwapChain, &data->Device, NULL, &data->DeviceContext);
-}
-
-static void CleanD3D(struct DDataIntern * const data)
-{
-	data->SwapChain->Release();
-	data->Device->Release();
-	data->DeviceContext->Release();
-}
-
-bool WINAPI GetDirectxData(struct DxData * const data)
-{
-	HINSTANCE hInstance = (HINSTANCE)((LONG_PTR)GetWindowLongW(GetActiveWindow(), -6));
-	HWND hWnd;
-	WNDCLASSEX wc;
-	struct DDataIntern data_intern;
-
-	ZeroMemory(&data_intern, sizeof(data_intern));
-	ZeroMemory(&wc, sizeof(WNDCLASSEX));
-	wc.cbSize = sizeof(WNDCLASSEX);
-	wc.hbrBackground = (HBRUSH)COLOR_WINDOW;
-	wc.hCursor = LoadCursor(NULL, IDC_ARROW);
-	wc.hInstance = hInstance;
-	wc.lpfnWndProc = WinProc;
-	wc.lpszClassName = L"DxData";
-	wc.style = CS_VREDRAW | CS_HREDRAW;
-	RegisterClassEx(&wc);
-
-	RECT rect = { 0, 0, 600, 400 };
-	AdjustWindowRect(&rect, WS_OVERLAPPEDWINDOW, false);
-	hWnd = CreateWindowEx(NULL, L"DxData", L"DxData", WS_OVERLAPPEDWINDOW, 300, 300, rect.right - rect.left,
-		rect.bottom - rect.top, NULL, NULL, hInstance, NULL);
-	if (!hWnd) {
-		return false;
-	}
-
-	ShowWindow(hWnd, NULL);
-	data->CreateSwapChainReturn = InitD3D(&data_intern, hWnd);
-
-	{
-		MSG msg;
-		while (GetMessage(&msg, NULL, 0, 0) &&
-			PeekMessage(&msg, NULL, 0, 0, PM_REMOVE))
-		{
-			TranslateMessage(&msg);
-			DispatchMessage(&msg);
-		}
-	}
-
-	memcpy(data->buf, (*(UINT64 ***)data_intern.SwapChain)[8], sizeof data->buf);
-
-	HMODULE d3d11_base = LoadLibrary(L"d3d11.dll");
-	data->DeviceVTableOffset = *(UINT64 *)data_intern.Device;
-	data->DeviceContextVTableOffset = *(UINT64 *)data_intern.DeviceContext;
-	data->SwapChainVTableOffset = (*(UINT64 **)data_intern.SwapChain)[8] - (UINT64)d3d11_base;
-
-	CleanD3D(&data_intern);
-	CloseWindow(hWnd);
-	DestroyWindow(hWnd);
-
-	{
-		MSG msg;
-		while (GetMessage(&msg, NULL, 0, 0) &&
-			PeekMessage(&msg, NULL, 0, 0, PM_REMOVE))
-		{
-			TranslateMessage(&msg);
-			DispatchMessage(&msg);
-		}
-	}
-
-	FreeLibrary(d3d11_base);
-
-	return true;
-}
\ No newline at end of file
diff --git a/MemDriverLib/MemDriverLib.cpp b/MemDriverLib/MemDriverLib.cpp
index 1a19552..e8c2e8c 100644
--- a/MemDriverLib/MemDriverLib.cpp
+++ b/MemDriverLib/MemDriverLib.cpp
@@ -290,28 +290,6 @@ bool KInterface::VFree(HANDLE targetPID, PVOID address, SIZE_T size)
 	return false;
 }
 
-bool KInterface::VUnlink(HANDLE targetPID, PVOID address)
-{
-	PKERNEL_VUNLINK_REQUEST vr = (PKERNEL_VUNLINK_REQUEST)getBuffer();
-	m_last_ntstatus = INVALID_NTSTATUS;
-	vr->ProcessId = targetPID;
-	vr->Address = address;
-	vr->StatusRes = (NTSTATUS)-1;
-	if (SendRecvWait(MEM_VUNLINK) == SRR_SIGNALED) {
-		m_last_ntstatus = vr->StatusRes;
-		if (vr->StatusRes)
-		{
-			std::stringstream err_str;
-			err_str << "Call VUnlink(0x" << std::hex << address
-				<< ") failed with 0x"
-				<< std::hex << vr->StatusRes;
-			throw std::runtime_error(err_str.str());
-		}
-		return true;
-	}
-	return false;
-}
-
 PVOID KInterface::getBuffer() {
 	if (!m_shmem)
 		throw std::runtime_error("Call Init() before..");
diff --git a/MemDriverLib/MemDriverLib.vcxproj b/MemDriverLib/MemDriverLib.vcxproj
index efc605e..c01fe9b 100644
--- a/MemDriverLib/MemDriverLib.vcxproj
+++ b/MemDriverLib/MemDriverLib.vcxproj
@@ -154,19 +154,15 @@
   </ItemDefinitionGroup>
   <ItemGroup>
     <ClInclude Include="..\include\DLLHelper.h" />
-    <ClInclude Include="..\include\DX11Manager.h" />
     <ClInclude Include="..\include\KMemDriver.h" />
     <ClInclude Include="..\include\KInterface.h" />
-    <ClInclude Include="..\include\PatternScanner.h" />
     <ClInclude Include="stdafx.h" />
     <ClInclude Include="targetver.h" />
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="DLLHelper.cpp" />
     <ClCompile Include="dllmain.cpp" />
-    <ClCompile Include="DX11Manager.cpp" />
     <ClCompile Include="MemDriverLib.cpp" />
-    <ClCompile Include="PatternScanner.cpp" />
     <ClCompile Include="stdafx.cpp">
       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
diff --git a/MemDriverLib/MemDriverLib.vcxproj.filters b/MemDriverLib/MemDriverLib.vcxproj.filters
index 9718fb3..c69cd86 100644
--- a/MemDriverLib/MemDriverLib.vcxproj.filters
+++ b/MemDriverLib/MemDriverLib.vcxproj.filters
@@ -30,12 +30,6 @@
     <ClInclude Include="..\include\DLLHelper.h">
       <Filter>Header Files</Filter>
     </ClInclude>
-    <ClInclude Include="..\include\PatternScanner.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
-    <ClInclude Include="..\include\DX11Manager.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="stdafx.cpp">
@@ -50,11 +44,5 @@
     <ClCompile Include="DLLHelper.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="PatternScanner.cpp">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="DX11Manager.cpp">
-      <Filter>Source Files</Filter>
-    </ClCompile>
   </ItemGroup>
 </Project>
\ No newline at end of file
diff --git a/MemDriverLib/PatternScanner.cpp b/MemDriverLib/PatternScanner.cpp
deleted file mode 100644
index aa54a9b..0000000
--- a/MemDriverLib/PatternScanner.cpp
+++ /dev/null
@@ -1,232 +0,0 @@
-#include "stdafx.h"
-
-#include "DLLHelper.h"
-#include "PatternScanner.h"
-
-#include <algorithm>
-#include <stdexcept>
-#include <sstream>
-#include <string>
-#include <vector>
-#include <Windows.h>
-
-
-static bool map_file_loadlib(SymbolResolver& symres, MODULE_DATA& module, PVOID * const buffer,
-	SIZE_T * const size, PVOID const user_ptr);
-static bool map_file_loadlib_cleanup(SymbolResolver& symres, MODULE_DATA& module, PVOID buffer,
-	PVOID const user_ptr);
-
-const struct map_file_data map_loadlib = map_file_data(map_file_loadlib, map_file_loadlib_cleanup, true);
-
-bool map_file_loadlib(SymbolResolver& symres, MODULE_DATA& module, PVOID * const buffer,
-	SIZE_T * const size, PVOID const user_ptr)
-{
-	HMODULE hMod;
-	struct loadlib_user_data * const user_data = (struct loadlib_user_data * const) user_ptr;
-	std::vector<DLL_DIRECTORY_COOKIE> dir_cookies;
-
-	if (user_data) {
-		if (user_data->additionalDllSearchDirectories.size() == 1) {
-			SetDllDirectoryA(user_data->additionalDllSearchDirectories[0].c_str());
-		}
-		else {
-			for (auto& searchDir : user_data->additionalDllSearchDirectories) {
-				dir_cookies.push_back(AddDllDirectory(std::wstring(searchDir.begin(),
-					searchDir.end()).c_str()));
-			}
-			if (!SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_USER_DIRS)) {
-				return false;
-			}
-		}
-	}
-
-	hMod = symres.LoadLibrary(module.FullDllPath);
-
-	if (user_data) {
-		if (dir_cookies.size() > 1) {
-			SetDllDirectoryA("");
-		}
-		else
-			for (auto& searchDir : dir_cookies) {
-				RemoveDllDirectory(searchDir);
-			}
-	}
-
-	if (!hMod) {
-		*buffer = NULL;
-		*size = 0;
-		return false;
-	}
-	else {
-		*buffer = hMod;
-		*size = module.SizeOfImage;
-		return true;
-	}
-}
-
-bool map_file_loadlib_cleanup(SymbolResolver& symres, MODULE_DATA& module, PVOID buffer, PVOID const user_ptr)
-{
-	return symres.FreeLibrary((HMODULE)buffer);
-}
-
-PatternScanner::PatternScanner(SymbolResolver& symres,
-	struct map_file_data const * const mfd, PVOID map_file_user_data)
-	: m_symbolResolver(symres), mfd(mfd), map_file_user_data(map_file_user_data)
-{
-	if (!mfd) {
-		throw std::runtime_error("MapFileData was NULL");
-	}
-}
-
-PatternScanner::~PatternScanner()
-{
-}
-
-static void findAndReplaceAll(std::string& data, const char * const search, const char * const replace)
-{
-	std::string toSearch(search);
-	std::string replaceStr(replace);
-
-	size_t pos = data.find(toSearch);
-
-	while (pos != std::string::npos)
-	{
-		data.replace(pos, toSearch.size(), replaceStr);
-		pos = data.find(toSearch, pos + replaceStr.size());
-	}
-}
-
-bool PatternScanner::checkPattern(MODULE_DATA& module, const char * const pattern, std::string& result)
-{
-	const char * const hexalnum = "0123456789abcdefABCDEF ?";
-	std::string str_pattern(pattern);
-
-	std::size_t found = str_pattern.find_first_not_of(hexalnum);
-	if (found != std::string::npos) {
-		std::stringstream err_str;
-		err_str << "Found an invalid character at " << found
-			<< " (allowed characters: \"" << hexalnum << "\")";
-		throw std::runtime_error(err_str.str());
-		return false;
-	}
-
-	findAndReplaceAll(str_pattern, " ", "");
-	if (str_pattern.length() % 2 != 0) {
-		std::stringstream err_str;
-		err_str << "Pattern length is not a multiple of 2";
-		throw std::runtime_error(err_str.str());
-		return false;
-	}
-
-	result = str_pattern;
-	return true;
-}
-
-constexpr UINT8 HexCharToInt(char Input)
-{
-	return
-		((Input >= 'a') && (Input <= 'f'))
-		? (Input - 87)
-		: ((Input >= 'A') && (Input <= 'F'))
-		? (Input - 55)
-		: ((Input >= '0') && (Input <= '9'))
-		? (Input - 48)
-		: throw std::exception{};
-}
-
-constexpr UINT8 HexChar(char High, char Low)
-{
-	return (HexCharToInt(High) << 4) | (HexCharToInt(Low));
-}
-
-bool PatternScanner::doScan(std::string& pattern, UINT8 *buf, SIZE_T size, std::vector<SIZE_T>& foundOffsets)
-{
-	SIZE_T pattern_index = 0, pattern_length = pattern.length();
-
-	for (SIZE_T i = 0; i + (pattern_length / 2) < size; ++i) {
-		if (pattern_index == pattern_length) {
-			pattern_index = 0;
-			foundOffsets.push_back((SIZE_T)buf + i - pattern_length / 2);
-		}
-		if (pattern.at(pattern_index) == '?' && pattern.at(pattern_index + 1) == '?' ||
-			buf[i] == HexChar(pattern.at(pattern_index), pattern.at(pattern_index + 1))) {
-			pattern_index += 2;
-		}
-		else {
-			pattern_index = 0;
-			continue;
-		}
-	}
-
-	return true;
-}
-
-bool PatternScanner::Scan(MODULE_DATA& module, const char * const pattern, std::vector<SIZE_T>& foundAddresses)
-{
-	bool result;
-	std::string validPattern;
-	IMAGE_NT_HEADERS *ntHeader;
-	IMAGE_SECTION_HEADER *secHeader;
-	UINT8 *mappedBuffer = NULL;
-	SIZE_T mappedSize = 0;
-
-	if (!checkPattern(module, pattern, validPattern)) {
-		return false;
-	}
-
-	if (!mfd->mapfile(m_symbolResolver, module, (PVOID *)&mappedBuffer, &mappedSize, map_file_user_data))
-	{
-		return false;
-	}
-
-	if (mfd->in_memory_module) {
-		if (!VerifyPeHeader(mappedBuffer, mappedSize, &ntHeader) || !ntHeader) {
-			return false;
-		}
-
-		DWORD nBytes = 0, virtualSize;
-		secHeader = IMAGE_FIRST_SECTION(ntHeader);
-		result = true;
-		for (SIZE_T i = 0; i < ntHeader->FileHeader.NumberOfSections; i++)
-		{
-			if (nBytes >= ntHeader->OptionalHeader.SizeOfImage)
-				break;
-
-			if (!doScan(validPattern, MakePtr(BYTE *, mappedBuffer,
-				secHeader->VirtualAddress), secHeader->SizeOfRawData, foundAddresses))
-			{
-				result = false;
-			}
-
-			virtualSize = secHeader->VirtualAddress;
-			secHeader++;
-			virtualSize = secHeader->VirtualAddress - virtualSize;
-			nBytes += virtualSize;
-		}
-	}
-	else {
-		result = doScan(validPattern, mappedBuffer, mappedSize, foundAddresses);
-	}
-
-	if (!mfd->mapcleanup(m_symbolResolver, module, mappedBuffer, map_file_user_data))
-	{
-		return false;
-	}
-
-	return result;
-}
-
-bool PatternScanner::ScanForAddress(HANDLE targetPID, MODULE_DATA& module, PatternScanner *pscan, const char * const pattern, std::function<bool(SIZE_T)> callback)
-{
-	std::vector<SIZE_T> foundAddresses;
-
-	pscan->Scan(module, "48 8B 48 20 48 8B 01 FF 90 20 01 00 00", foundAddresses);
-
-	for (auto& addr : foundAddresses) {
-		if (callback(addr)) {
-			return true;
-		}
-	}
-
-	return false;
-}
\ No newline at end of file
diff --git a/include/KInterface.h b/include/KInterface.h
index 55137e8..db2f40d 100644
--- a/include/KInterface.h
+++ b/include/KInterface.h
@@ -43,7 +43,6 @@ public:
 		PKERNEL_WRITE_REQUEST result);
 	bool VAlloc(HANDLE targetPID, PVOID* address, SIZE_T* size, ULONG protection);
 	bool VFree(HANDLE targetPID, PVOID address, SIZE_T size);
-	bool VUnlink(HANDLE targetPID, PVOID address);
 
 	bool MtInit() {
 		std::unique_lock<std::mutex> lck(m_jobLock);
@@ -89,10 +88,6 @@ public:
 		std::unique_lock<std::mutex> lck(m_jobLock);
 		return VFree(targetPID, address, size);
 	}
-	bool MtVUnlink(HANDLE targetPID, PVOID address) {
-		std::unique_lock<std::mutex> lck(m_jobLock);
-		return VUnlink(targetPID, address);
-	}
 
 	PVOID getBuffer();
 	HANDLE getKHandle();
diff --git a/include/KMemDriver.h b/include/KMemDriver.h
index 778006c..db00010 100644
--- a/include/KMemDriver.h
+++ b/include/KMemDriver.h
@@ -30,8 +30,7 @@ typedef _Return_type_success_(return >= 0) LONG NTSTATUS;
 #define MEM_WPM					0x806
 #define MEM_VALLOC				0x807
 #define MEM_VFREE				0x808
-#define MEM_VUNLINK				0x809
-#define MEM_EXIT				0x810
+#define MEM_EXIT				0x809
 
 typedef struct _KERNEL_HEADER
 {
@@ -133,15 +132,6 @@ typedef struct _KERNEL_VFREE_REQUEST
 	NTSTATUS StatusRes;
 } KERNEL_VFREE_REQUEST, * PKERNEL_VFREE_REQUEST;
 
-typedef struct _KERNEL_VUNLINK_REQUEST
-{
-	KERNEL_HEADER hdr;
-	HANDLE ProcessId;
-	PVOID Address;
-
-	NTSTATUS StatusRes;
-} KERNEL_VUNLINK_REQUEST, * PKERNEL_VUNLINK_REQUEST;
-
 typedef struct _PROCESS_DATA
 {
 	ULONG NumberOfThreads;
@@ -194,7 +184,6 @@ validateRequest
 	case MEM_WPM:
 	case MEM_VALLOC:
 	case MEM_VFREE:
-	case MEM_VUNLINK:
 	case MEM_EXIT:
 		return hdr->type;
 	default: