I've downloaded the EasyHook 2.7 libraries and am testing the FileMon.exe app using administrator powershell and ProcessMonitor.exe to find PID's.
I've successfully injected 3 different 32-bit applications. Text gets spammed to the console whenever I create and load files.
Whenever I inject a 64-bit application, the target crashes whenever fileMon executes its callback. Target program says something generic, "blah has stopped working", and powershell doesn't produce output.
Same results for 3.5 and 4.0 binaries.
I'm running a 64-bit version of Windows 8.
Might be related to this bug: