mirror of
https://github.com/ciyze0101/Windows-Rootkits
synced 2024-06-16 11:58:04 +00:00
.. | ||
clean.bat | ||
common.h | ||
ddkbuild.cmd | ||
FileProtectX86.c | ||
FileProtectX86.h | ||
FileProtectX86.sln | ||
FileProtectX86.suo | ||
FileProtectX86.sys | ||
FileProtectX86.vcxproj | ||
FileProtectX86.vcxproj.user | ||
makefile | ||
mybuild.bat | ||
ReadMe.txt | ||
sources | ||
struct.h |
1.Hook NtSetInformationFile to change target file 2.Hook NtWriteFile to write the target file 3.Hook NtDeleteFile to delete the target file 4.bind keyboard Filter Driver to avoid "ctrl+c" copy the content There has a problem : the keyboard filter Driver is global , and other process cann't use "ctrl+c" also.