#include "detect.h"
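/*
 * Debug-print helper: forwards a printf-style format string and its
 * arguments to DbgPrintEx with DPFLTR_DEFAULT_ID / DPFLTR_ERROR_LEVEL.
 *
 * The format string is carried inside __VA_ARGS__ rather than as a separate
 * named parameter. With a separate parameter, a call that has no extra
 * arguments (dprintf("text\n")) expands to "..., (format), )" and only
 * builds when the preprocessor silently drops the trailing comma.
 *
 * Always pass a string literal as the first argument; text that originates
 * outside the driver must go through "%s" (or the matching wide/counted
 * specifier), never be used as the format itself.
 */
#define dprintf(...) DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_ERROR_LEVEL, __VA_ARGS__)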
/**
 * Driver entry point.
 *
 * Prints a banner, runs AntiKernelDbgByPoolTag() once and prints a second
 * line when that check reports true. Neither DriverObject nor RegistryPath
 * is read, and no unload routine or dispatch table is set up here.
 *
 * @param DriverObject  Driver object supplied by the loader (unused).
 * @param RegistryPath  Service registry path supplied by the loader (unused).
 * @return Always STATUS_VIRUS_DELETED, regardless of the check result.
 */
EXTERN_C NTSTATUS DriverEntry(_In_ PDRIVER_OBJECT DriverObject, _In_ PUNICODE_STRING RegistryPath)
{
    dprintf("[Hello]: DriverEntry!\n");

    // NOTE(review): AntiKernelDbgByPoolTag is presumably declared in detect.h;
    // its result is treated here as "kernel debugger detected" - confirm.
    if (AntiKernelDbgByPoolTag())
    {
        dprintf("[Detect]: By AntiKernelDbgByPoolTag!\n");
    }

    // STATUS_VIRUS_DELETED is an error-severity NTSTATUS, so the load is
    // reported as failed and the image does not stay resident. Presumably
    // deliberate for a run-once test driver; the unusual code also shows up
    // verbatim in service-start failures, which makes the run easy to spot.
    return STATUS_VIRUS_DELETED;
}