Closed thewanderingtraderm closed 1 month ago
I guess one of the easiest ways is to rename ldntvdm.dll in both the Windows\system32 and Windows\syswow64 directories to a different filename and then reboot. The reboot is necessary, as the loader has already been injected and may get detected.
There is a blacklist feature to tell the loader not to inject into processes with specific names, but that may be too risky in your case, as you may not know all the processes of the games that are scanned. Additionally, the loader only checks the blacklist upon initialization, so it decides to detach from the process again after it checks the blacklist, so this is not suitable in your case.
You can also remove the responsible registry key and reboot, but the keys differ by Windows version (either appinit or appcert), so the safest method may be to create 2 batch files that you have to run as admin:
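disable.cmd

```bat
ren %systemroot%\system32\ldntvdm.dll ldntvdm.off
ren %systemroot%\syswow64\ldntvdm.dll ldntvdm.off
rem Pause if the DLL is still there, so a failed rename is noticed
if exist %systemroot%\system32\ldntvdm.dll pause
```

enable.cmd

```bat
ren %systemroot%\system32\ldntvdm.off ldntvdm.dll
ren %systemroot%\syswow64\ldntvdm.off ldntvdm.dll
rem Pause if the .off file is still there, so a failed rename is noticed
if exist %systemroot%\system32\ldntvdm.off pause
```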
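
A status check to go with the two batch files above, as an added example that is not part of the original reply or the project. It reports whether ldntvdm.dll is present or renamed in both directories, whether the standard Windows AppInit_DLLs and AppCertDlls locations (assumed to be the keys the reply means) still reference it, and which running processes have it loaded. The file name check.cmd is hypothetical.

```bat
@echo off
rem check.cmd (hypothetical name): added example, not the project's own script.
rem Run from an elevated prompt.
setlocal

echo [files]
for %%D in (system32 syswow64) do (
    if exist "%systemroot%\%%D\ldntvdm.dll" echo   %%D\ldntvdm.dll present: loader enabled
    if exist "%systemroot%\%%D\ldntvdm.off" echo   %%D\ldntvdm.off present: loader renamed
)

echo [registration]
rem Standard Windows locations for AppInit_DLLs and AppCertDlls; that the
rem loader registers under one of them is an assumption based on the reply.
set "APPINIT=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows"
set "APPCERT=HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls"

rem /reg:64 and /reg:32 select the 64-bit and 32-bit registry views.
for %%V in (64 32) do (
    reg query "%APPINIT%" /v AppInit_DLLs /reg:%%V 2>nul | findstr /i "ldntvdm" >nul && echo   AppInit_DLLs, %%V-bit view: references ldntvdm
)
reg query "%APPCERT%" 2>nul | findstr /i "ldntvdm" >nul && echo   AppCertDlls: references ldntvdm

echo [loaded right now]
rem tasklist /m lists the processes that currently have the module loaded.
rem Processes that tasklist cannot inspect do not appear in the list.
tasklist /m ldntvdm.dll

endlocal
```

Run it before and after the reboot: a process that loaded the DLL before the rename can still show up in the last section until it is restarted, and the registration lines stay in place because disable.cmd only renames the files.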
I have a question: how do I temporarily disable ntvdmx64? I'm afraid some games' anti-cheats might detect it and ban me, since it injects itself into every process.