Using DebugView was easier than I thought. After a few hours, it turns out 64 bit kernel driver IS to blame... Silly me... Duh !
How would you fix this
Since my individual kernel signing certificate expired and it was a pain to get one the first time and they no longer even sell them.
Can anybody PLEASE re-sign the modified 64 bit sys file just for this one time? I could provide my original previously signed driver, if you need it to binary compare etc.
status = ZwDuplicateObject(hProcess,(HANDLE)SysHandle[i].Handle,ZwCurrentProcess(),&ObjectHandle,0, 0, DUPLICATE_SAME_ATTRIBUTES |DUPLICATE_SAME_ACCESS);
DbgPrint("status:%d sourceProcess:%p SourceHandle:%d CurrentProcess:%d returnedObjectHandle:%d.\n", RtlNtStatusToDosError(status),hProcess, (HANDLE)SysHandle[i].Handle,PsGetCurrentProcessId(),&ObjectHandle);
//On_32bit status:0 sourceProcess:80002CB8 SourceHandle:68 CurrentProcess:3984 returnedObjectHandle:-340903132.
//On_64bit status:0 sourceProcess:FFFFFFFF800001BC SourceHandle:108 CurrentProcess:1996 returnedObjectHandle:221378472.
status = ObReferenceObjectByHandle(ObjectHandle, FILE_ANY_ACCESS, *IoFileObjectType, UserMode, (PVOID*)&FileObject, &objHandle);
DbgPrint("status %d.\n", RtlNtStatusToDosError(status));
//On_64bit status=STATUS_INVALID_HANDLE (error 6 here only on 64 bit on 32 it is 0 as expected) !!!???