RootKits: Windows Kernel Security Protection (6)
The driver's entry point is simple: it only sets up the corresponding Unload function and calls the Hook function.

PFILE_OBJECT pFile_tcp;
PDEVICE_OBJECT pDev_tcp;
PDRIVER_OBJECT pDrv_tcpip;

NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_ST