Added patch to emulate write to CR4 register.

patches/ntoskrnl-Write_CR4/0001-ntoskrnl.exe-Emulate-write-to-CR4-register.patch

@@ -0,0 +1,31 @@
+From 0f039e31e5e405a94ddc907bffc796886a53c9b1 Mon Sep 17 00:00:00 2001
+From: Stefan Leichter <Stefan.Leichter@camline.com>
+Date: Fri, 31 Oct 2014 07:30:03 +0100
+Subject: ntoskrnl.exe: Emulate write to CR4 register.
+
+---
+ dlls/ntoskrnl.exe/instr.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/dlls/ntoskrnl.exe/instr.c b/dlls/ntoskrnl.exe/instr.c
+index 85ab9eb..e545269 100644
+--- a/dlls/ntoskrnl.exe/instr.c
++++ b/dlls/ntoskrnl.exe/instr.c
+@@ -319,9 +319,14 @@ static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context )
+                 TRACE("mov eax,cr0 at 0x%08x, EAX=0x%08x\n", context->Eip,context->Eax );
+                 context->Eip += prefixlen+3;
+                 return ExceptionContinueExecution;
++            case 0xe0:
++                TRACE("mov eax,cr4 at 0x%08x, EAX=0x%08x\n", context->Eip,context->Eax );
++                context->Eip += prefixlen+3;
++                return ExceptionContinueExecution;
+             default:
+                 break; /*fallthrough to bad instruction handling */
+             }
++            ERR("Unsupported CR register, eip+2 is %02x\n", instr[2]);
+             break; /*fallthrough to bad instruction handling */
+         case 0x20: /* mov crX, eax */
+             switch (instr[2])
+-- 
+2.1.2
+

patches/ntoskrnl-Write_CR4/definition

@@ -0,0 +1,4 @@
+Author: Stefan Leichter
+Subject: Emulate write to CR4 register.
+Revision: 1
+Fixes: [30220] Emulate write to CR4 register