diff --git a/.editorconfig b/.editorconfig deleted file mode 100644 index 927deaf8..00000000 --- a/.editorconfig +++ /dev/null @@ -1,5 +0,0 @@ -# Rules in this file were initially inferred by Visual Studio IntelliCode from the C:\Users\olszfi\Downloads\PPLRunner-1.0\PPLRunner-1.0 codebase based on best match to current usage at 31/03/2021 -# You can modify the rules from these initially generated values to suit your own policies -# You can learn more about editorconfig here: https://docs.microsoft.com/en-us/visualstudio/ide/editorconfig-code-style-settings-reference -[*.cs] - diff --git a/README.md b/README.md index f0250aa0..a55f749a 100644 --- a/README.md +++ b/README.md @@ -22,3 +22,14 @@ An accompanying blog post can be found here: https://blog.redbluepurple.io/windo - [ ] Risk based detection lifecycle ### Setup instructions +Assuming you do not have a Microsoft-trusted signing certificate: +- Put your machine in the test signing mode with bcdedit +- Generate a self-signed certificate with ELAM and Code Signing EKU +- Sign TiEtwAgent.exe and your ELAM driver with the certificate +- ./TiEtwAgent install +- net start TiEtwAgent +- Look for logs, by default in C:\Windows\Temp\TiEtwAgent.txt + +PS. If you do not want to write an ELAM driver, you can get one from https://github.com/pathtofile/PPLRunner/tree/main/elam_driver + +Special thanks to @pathtofile for the post here: https://blog.tofile.dev/2020/12/16/elam.html
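Review bot: In the `.editorconfig` hunk, deleting the file is the right call because its header comment embeds a developer's local workstation path and username (`C:\Users\olszfi\Downloads\PPLRunner-1.0\...`), and the only rule section it carried, `[*.cs]`, was empty, so no formatting policy is lost. If a project-wide editor config is wanted later, please commit a hand-written one without IDE-generated, machine-specific comments, and consider adding a note in the README so contributors do not regenerate it from IntelliCode.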
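Review bot: In the `README.md` hunk, the first setup step ("Put your machine in the test signing mode with bcdedit") should state that test signing mode relaxes driver signature enforcement and is only appropriate for a lab or test machine, and that the setting needs a reboot before the self-signed ELAM driver will load; as written a reader could apply it to a production host. The list also mixes prose steps with literal commands (`./TiEtwAgent install`, `net start TiEtwAgent`) without any code formatting, so please put the commands in backticks or a fenced block, and the step "Generate a self-signed certificate with ELAM and Code Signing EKU" would be easier to follow if it named the tool or command the project expects. Minor style: "PS." should be "P.S.", and the log-path step should mention that the `install` and `start` steps must run from an elevated prompt if that is what the service installer requires.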