I'm looking for a way to hide a process with SSDT in x64 Windows 7. I successfully find SSDT location and changed the value (4byte), which is RVA for a specific system function. If you want to know the details, let me know it. I'll add more information.

However, I failed to point to the hooked function from the changed SSDT because of the different base address, which is added with RVA value above.

Does anybody know where to go? Thank you in advance.