diff --git a/README.md b/README.md
index 8a8ade1..a6f59ea 100644
--- a/README.md
+++ b/README.md
@@ -248,3 +248,6 @@ v5.8
* Bug fixes.
* Linux clang compilation support.
* macOS support.
+
+Latest:
+* Bug fixes.
diff --git a/m_vmemd/m_vmemd.c b/m_vmemd/m_vmemd.c
index 69e97e7..3768144 100644
--- a/m_vmemd/m_vmemd.c
+++ b/m_vmemd/m_vmemd.c
@@ -316,7 +316,7 @@ fail:
* -- H
* -- pRegInfo
*/
-EXPORTED_FUNCTION
+__declspec(dllexport) EXPORTED_FUNCTION
VOID InitializeVmmPlugin(_In_ VMM_HANDLE H, _In_ PVMMDLL_PLUGIN_REGINFO pRegInfo)
{
if((pRegInfo->magic != VMMDLL_PLUGIN_REGINFO_MAGIC) || (pRegInfo->wVersion != VMMDLL_PLUGIN_REGINFO_VERSION)) { return; }
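Review bot: `__declspec(dllexport)` on the new line is a Windows/MSVC-only keyword placed in front of `EXPORTED_FUNCTION`, which presumably already expands to the per-platform export attribute; on a non-Windows toolchain (the README hunk in this same commit lists Linux clang support) the keyword is not recognised unless the build defines it away, and on Windows it likely duplicates what the macro already produces. If the explicit export is needed, it belongs inside the `EXPORTED_FUNCTION` definition or behind `#ifdef _WIN32`, not at the definition site of one function. The body of InitializeVmmPlugin continues past the end of the hunk.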
diff --git a/m_vmemd/version.h b/m_vmemd/version.h
index 8ccb135..9035711 100644
--- a/m_vmemd/version.h
+++ b/m_vmemd/version.h
@@ -3,8 +3,8 @@
#define VERSION_MAJOR 5
#define VERSION_MINOR 14
-#define VERSION_REVISION 1
-#define VERSION_BUILD 191
+#define VERSION_REVISION 2
+#define VERSION_BUILD 192
#define VER_FILE_DESCRIPTION_STR "MemProcFS : Plugin vmemd"
#define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/memprocfs/version.h b/memprocfs/version.h
index cbeeba3..6938975 100644
--- a/memprocfs/version.h
+++ b/memprocfs/version.h
@@ -3,8 +3,8 @@
#define VERSION_MAJOR 5
#define VERSION_MINOR 14
-#define VERSION_REVISION 1
-#define VERSION_BUILD 191
+#define VERSION_REVISION 2
+#define VERSION_BUILD 192
#define VER_FILE_DESCRIPTION_STR "MemProcFS"
#define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/vmm/fc.c b/vmm/fc.c
index bd62b36..02ae82e 100644
--- a/vmm/fc.c
+++ b/vmm/fc.c
@@ -1267,9 +1267,9 @@ VOID FcScanVirtmem_AddRangeUser(_In_ VMM_HANDLE H, _In_ PFCOB_SCAN_VIRTMEM_CONTE
PVMM_PROCESS pObProcess = NULL;
while((pObProcess = VmmProcessGetNext(H, pObProcess, 0))) {
if(H->fAbort) { goto fail; }
- if(!pObProcess->fUserOnly) { continue; } // don't scan kernel processes
- if(!pObProcess->win.vaPEB) { continue; } // don't scan special user-mode processes without PEB (such as MemCompression)
- if(FcIsProcessSkip(H, pObProcess)) { continue; } // don't scan problematic processes
+ if(VmmProcess_IsKernelOnly(pObProcess)) { continue; } // don't scan kernel processes
+ if(!pObProcess->win.vaPEB) { continue; } // don't scan special user-mode processes without PEB (such as MemCompression)
+ if(FcIsProcessSkip(H, pObProcess)) { continue; } // don't scan problematic processes
FcScanVirtmem_AddRangeUserProcess(H, ctx, pObProcess);
}
fail:
diff --git a/vmm/modules/m_evil_apc1.c b/vmm/modules/m_evil_apc1.c
index d6a3d5b..7234cfd 100644
--- a/vmm/modules/m_evil_apc1.c
+++ b/vmm/modules/m_evil_apc1.c
@@ -132,7 +132,7 @@ VOID MEvilAPC1_DoWork(_In_ VMM_HANDLE H, _In_ VMMDLL_MODULE_ID MID, _In_opt_ PVO
if(!f) { goto fail; }
// iterate over user-mode processes:
while((pObProcess = VmmProcessGetNext(H, pObProcess, 0))) {
- if(!pObProcess->fUserOnly) { continue; }
+ if(VmmProcess_IsKernelOnly(pObProcess)) { continue; }
if(H->fAbort) { goto fail; }
if(VmmMap_GetThread(H, pObProcess, &pObThreadMap)) {
for(i = 0; i < pObThreadMap->cMap; i++) {
diff --git a/vmm/modules/m_evil_proc1.c b/vmm/modules/m_evil_proc1.c
index 4b0a0be..46d8757 100644
--- a/vmm/modules/m_evil_proc1.c
+++ b/vmm/modules/m_evil_proc1.c
@@ -160,7 +160,7 @@ VOID MEvilProc1_VadNoImageExecuteEntry(_In_ VMM_HANDLE H, _In_ PVMM_PROCESS pPro
for(iVadEx = 0; iVadEx < pObVadExMap->cMap; iVadEx++) {
peVadEx = pObVadExMap->pMap + iVadEx;
fPteA = peVadEx->flags & VADEXENTRY_FLAG_HARDWARE;
- if(!fPteA && !MMVAD_IS_FLAG_X(peVad)) { continue; }
+ //if(!fPteA && !MMVAD_IS_FLAG_X(peVad)) { continue; }
if(fPteA && (peVadEx->flags & VADEXENTRY_FLAG_NX)) { continue; }
if(peVadEx->tp == VMM_PTE_TP_DEMANDZERO) { continue; }
if((fPteA && (peVadEx->flags & VADEXENTRY_FLAG_W)) || (!fPteA && MMVAD_IS_FLAG_W(peVad))) {
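Review bot: The replaced check is left behind as commented-out code (`//if(!fPteA && !MMVAD_IS_FLAG_X(peVad)) { continue; }`) with no explanation; it should be deleted and the new behaviour stated in a comment, because without it the VAD execute flag is no longer consulted and only hardware PTEs carrying `VADEXENTRY_FLAG_NX` are excluded, so entries that are not hardware-backed inside a non-executable VAD now fall through to the write/execute checks below. Suggested replacement for the commented line: `// note: the VAD execute flag is intentionally not checked here; only hardware PTEs flagged NX are excluded.` If this widening is deliberate, the comment should say why, so the next reader does not restore the filter. The enclosing function MEvilProc1_VadNoImageExecuteEntry starts and ends outside the hunk.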
@@ -326,7 +326,7 @@ VOID MEvilProc1_DoWork(_In_ VMM_HANDLE H, _In_ VMMDLL_MODULE_ID MID, _In_opt_ PV
if(!(psObInjectedPE = ObSet_New(H))) { goto fail; }
while((pObProcess = VmmProcessGetNext(H, pObProcess, 0))) {
if(H->fAbort) { goto fail; }
- if(pObProcess->dwState || !pObProcess->fUserOnly) { continue; }
+ if(pObProcess->dwState || VmmProcess_IsKernelOnly(pObProcess)) { continue; }
if(FcIsProcessSkip(H, pObProcess)) { continue; }
MEvilProc1_PePatched_VadImageExecuteNoProto(H, pObProcess);
// update result with execute pages in non image vads.
diff --git a/vmm/modules/m_evil_proc2.c b/vmm/modules/m_evil_proc2.c
index e0f5a46..d424239 100644
--- a/vmm/modules/m_evil_proc2.c
+++ b/vmm/modules/m_evil_proc2.c
@@ -160,7 +160,7 @@ VOID MEvilProc2_DoWork(_In_ VMM_HANDLE H, _In_ VMMDLL_MODULE_ID MID, _In_opt_ PV
PVMM_PROCESS pObProcess = NULL;
while((pObProcess = VmmProcessGetNext(H, pObProcess, 0))) {
if(H->fAbort) { goto fail; }
- if(pObProcess->dwState || !pObProcess->fUserOnly) { continue; }
+ if(pObProcess->dwState || VmmProcess_IsKernelOnly(pObProcess)) { continue; }
if(FcIsProcessSkip(H, pObProcess)) { continue; }
MEvilProc2_BadParent(H, pObProcess);
MEvilProc2_BadUser(H, pObProcess);
diff --git a/vmm/modules/m_evil_proc3.c b/vmm/modules/m_evil_proc3.c
index be4eac3..21a3f3c 100644
--- a/vmm/modules/m_evil_proc3.c
+++ b/vmm/modules/m_evil_proc3.c
@@ -95,7 +95,7 @@ VOID MEvilProc3_DoWork(_In_ VMM_HANDLE H, _In_ VMMDLL_MODULE_ID MID, _In_opt_ PV
MEVILPROC3_TIMECHANGE TimeChange = { 0 };
while((pObProcess = VmmProcessGetNext(H, pObProcess, VMM_FLAG_PROCESS_TOKEN | VMM_FLAG_PROCESS_SHOW_TERMINATED))) {
if(H->fAbort) { goto fail; }
- if(!pObProcess->fUserOnly) { continue; }
+ if(VmmProcess_IsKernelOnly(pObProcess)) { continue; }
if(FcIsProcessSkip(H, pObProcess)) { continue; }
MEvilProc3_SeDebugPrivilege(H, pObProcess);
MEvilProc3_TimeChange(H, pObProcess, &TimeChange);
diff --git a/vmm/modules/m_evil_thread1.c b/vmm/modules/m_evil_thread1.c
index 70fc0b2..43c3748 100644
--- a/vmm/modules/m_evil_thread1.c
+++ b/vmm/modules/m_evil_thread1.c
@@ -245,7 +245,7 @@ VOID MEvilThread1_DoWork(_In_ VMM_HANDLE H, _In_ VMMDLL_MODULE_ID MID, _In_opt_
// 2: scan user-mode processes for evil threads:
while((pObProcess = VmmProcessGetNext(H, pObProcess, VMM_FLAG_PROCESS_TOKEN))) {
if(H->fAbort) { goto fail; }
- if(pObProcess->dwState || !pObProcess->fUserOnly) { continue; }
+ if(pObProcess->dwState || VmmProcess_IsKernelOnly(pObProcess)) { continue; }
if(FcIsProcessSkip(H, pObProcess)) { continue; }
if(VmmMap_GetThread(H, pObProcess, &pObThreadMap)) {
VmmMap_GetModule(H, pObProcess, 0, &ctx.pModuleMap);
diff --git a/vmm/version.h b/vmm/version.h
index 9803727..74627e8 100644
--- a/vmm/version.h
+++ b/vmm/version.h
@@ -3,8 +3,8 @@
#define VERSION_MAJOR 5
#define VERSION_MINOR 14
-#define VERSION_REVISION 1
-#define VERSION_BUILD 191
+#define VERSION_REVISION 2
+#define VERSION_BUILD 192
#define VER_FILE_DESCRIPTION_STR "MemProcFS : Core"
#define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/vmm/vmm.c b/vmm/vmm.c
index 96303ab..bbf857c 100644
--- a/vmm/vmm.c
+++ b/vmm/vmm.c
@@ -1298,6 +1298,16 @@ VOID VmmProcessTlbClear(_In_ VMM_HANDLE H)
Ob_DECREF(pt);
}
+/*
+* Query the process whether it's a kernel process or not.
+* -- pProcess
+* -- return = TRUE if a typical kernel-mode process, FALSE if typical user-mode process.
+*/
+BOOL VmmProcess_IsKernelOnly(_In_opt_ PVMM_PROCESS pProcess)
+{
+ return pProcess && !pProcess->fUserOnly && (*(PQWORD)pProcess->szName != 0x78652e737361736c) && (*(PQWORD)pProcess->szName != 0x78652e7373727363);
+}
+
/*
* Query process for its creation time.
* -- H
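Review bot: The two QWORD literals in the new `VmmProcess_IsKernelOnly` are undocumented magic numbers read by casting `szName` to `PQWORD`; they decode (little-endian) to the ASCII bytes `lsass.ex` and `csrss.ex`, so the intent is an image-name prefix compare, which is clearer and avoids the char-array-through-QWORD aliasing read (a concern for the clang/Linux build, and silently wrong if `szName` were ever shorter than 8 bytes) as `return pProcess && !pProcess->fUserOnly && memcmp(pProcess->szName, "lsass.ex", 8) && memcmp(pProcess->szName, "csrss.ex", 8);` (assuming `<string.h>` is already in scope in vmm.c). The doc comment here, and the duplicated one in the vmm.h hunk, should state the two exceptions and the NULL case, e.g. `* -- return = TRUE if a kernel-mode process (fUserOnly == FALSE) other than lsass.exe/csrss.exe; FALSE for user-mode processes and for a NULL pProcess.` Because this result now decides which processes FcScanVirtmem and the m_evil_* modules skip, a classification that hinges on the image name deserves a one-line rationale for why these two names are excepted. Naming: the surrounding API uses `VmmProcess...` without an underscore (VmmProcessGetNext, VmmProcessTlbClear), so `VmmProcessIsKernelOnly` would match convention.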
diff --git a/vmm/vmm.h b/vmm/vmm.h
index 2f73c73..f3fa556 100644
--- a/vmm/vmm.h
+++ b/vmm/vmm.h
@@ -2501,6 +2501,13 @@ PVMM_PROCESS VmmProcessCreateEntry(_In_ VMM_HANDLE H, _In_ BOOL fTotalRefresh, _
_Success_(return)
BOOL VmmProcessCreateTerminatedFakeEntry(_In_ VMM_HANDLE H, _In_ DWORD dwPID, _In_ DWORD dwPPID, _In_ QWORD ftCreate, _In_ QWORD ftExit, _In_reads_(15) LPSTR szShortName, _In_ LPSTR uszLongName);
+/*
+* Query the process whether it's a kernel process or not.
+* -- pProcess
+* -- return = TRUE if a typical kernel-mode process, FALSE if typical user-mode process.
+*/
+BOOL VmmProcess_IsKernelOnly(_In_opt_ PVMM_PROCESS pProcess);
+
/*
* Query process for its creation time.
* -- H
diff --git a/vmmpyc/version.h b/vmmpyc/version.h
index 26a4e55..a38ec0f 100644
--- a/vmmpyc/version.h
+++ b/vmmpyc/version.h
@@ -3,8 +3,8 @@
#define VERSION_MAJOR 5
#define VERSION_MINOR 14
-#define VERSION_REVISION 1
-#define VERSION_BUILD 191
+#define VERSION_REVISION 2
+#define VERSION_BUILD 192
#define VER_FILE_DESCRIPTION_STR "MemProcFS : Python API"
#define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/vmmrust/leechcore_example/Cargo.toml b/vmmrust/leechcore_example/Cargo.toml
index 23ecf95..3c7de45 100644
--- a/vmmrust/leechcore_example/Cargo.toml
+++ b/vmmrust/leechcore_example/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "leechcore_example"
-version = "5.14.1"
+version = "5.14.2"
edition = "2021"
publish = false
diff --git a/vmmrust/m_example_plugin/Cargo.toml b/vmmrust/m_example_plugin/Cargo.toml
index a7e8679..2cd0a33 100644
--- a/vmmrust/m_example_plugin/Cargo.toml
+++ b/vmmrust/m_example_plugin/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "m_example_plugin"
-version = "5.14.1"
+version = "5.14.2"
edition = "2021"
publish = false
diff --git a/vmmrust/memprocfs/Cargo.toml b/vmmrust/memprocfs/Cargo.toml
index db7bc3a..b82bfdb 100644
--- a/vmmrust/memprocfs/Cargo.toml
+++ b/vmmrust/memprocfs/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "memprocfs"
-version = "5.14.1"
+version = "5.14.2"
edition = "2021"
description = "MemProcFS - Physical Memory Analysis Framework"
documentation = "https://docs.rs/memprocfs"
diff --git a/vmmrust/memprocfs_example/Cargo.toml b/vmmrust/memprocfs_example/Cargo.toml
index 81471da..643b709 100644
--- a/vmmrust/memprocfs_example/Cargo.toml
+++ b/vmmrust/memprocfs_example/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "memprocfs_example"
-version = "5.14.1"
+version = "5.14.2"
edition = "2021"
publish = false
diff --git a/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs b/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs
index 7a5519b..694bcd4 100644
--- a/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs
+++ b/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs
@@ -32,5 +32,5 @@ using System.Runtime.Versioning;
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("5.14.1.191")]
-[assembly: AssemblyFileVersion("5.14.1.191")]
+[assembly: AssemblyVersion("5.14.2.192")]
+[assembly: AssemblyFileVersion("5.14.2.192")]
diff --git a/vmmsharp/vmmsharp/vmmsharp.csproj b/vmmsharp/vmmsharp/vmmsharp.csproj
index e2c0b8d..94adfb9 100644
--- a/vmmsharp/vmmsharp/vmmsharp.csproj
+++ b/vmmsharp/vmmsharp/vmmsharp.csproj
@@ -109,7 +109,7 @@
- 5.14.1
+ 5.14.2
https://github.com/ufrisk/MemProcFS
git
LICENSE