Mch4 in windows10 (aniversary with secure boot disabled), has the same behavior described in the thread viewtopic.php?f=7&t=28319
if the antivirus (symantec EndPoint Protection 12.1.16) and chrome (56.0.2924.87 (Official build) (64 bits)) are present, the FOLLOW_JMP flag resolves the issue of black tabs. The problem is with the uninject method. Leaves some threads injected. I have tried the uninjectcallback with same results. With windbg i can see that the DLL_PROCESS_DETACH is not called in these threads...
Can be the limit of 10 jumps in FOLLOW_JPM?
This sounds really complicated. I'm not sure why there's a problem. My best guess right now would be that madCodeHook doesn't manage to get the access rights to uninstall the API hooks when uninjecting the hook dll. That's really bad, though.
Is there any chance you could provide a small(ish) VM for me to download with which I could reproduce the issue?