-
-
[讨论]帮我看下哪里错了,不要骂我。。。
-
发表于:
2009-5-24 10:52
3584
-
#include "ntddk.h"
#include "ntdef.h"
#include "string.h"
UNICODE_STRING KeyPath=RTL_CONSTANT_STRING
(L"\\Registry\\Machine\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run");
UNICODE_STRING KeyName=RTL_CONSTANT_STRING(L"vmware-tray");
HANDLE KeyHandle;
POBJECT_ATTRIBUTES Obj_attrib={0};
VOID OnUnLoad(IN PDRIVER_OBJECT DriverOject)
{
DbgPrint("UnLoad!");
}
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject,IN PUNICODE_STRING RegistryPath)
{
NTSTATUS status;
InitializeObjectAttributes(Obj_attrib,&KeyPath,OBJ_KERNEL_HANDLE,NULL,NULL);
status=ZwOpenKey(&KeyHandle,KEY_ALL_ACCESS,Obj_attrib);
if(!status==STATUS_SUCCESS)
{
DbgPrint("open fails!",status);
}
status=ZwDeleteValueKey(KeyHandle,&KeyName);
if(!status==STATUS_SUCCESS)
{
DbgPrint("Delete fails!");
}
ZwClose(KeyHandle);
DbgPrint("Delete!");
DriverObject->DriverUnload=OnUnLoad;
return STATUS_SUCCESS;
}
编译通过,加载蓝屏,哪里出错了?
[课程]FART 脱壳王!加量不加价!FART作者讲授!