A forum for reverse engineering, OS internals and malware analysis 

Forum for discussion about kernel-mode development.
 #1947  by Cr4sh
 Fri Aug 13, 2010 7:18 pm
Changing the address of nt!KeUpdateSystemTime in the HAL.DLL IAT for the same purposes is a more simple and stable way: only 4-byte patching without any disassemblers, signatures, unexported functions, etc.