landhb
commented
7 years ago @lexlutorr Thanks! The 0x815 is actually just something I randomly chose. You can choose any code you like as long as it's the same in both the loader and the driver. The corresponding declaration in the driver is on line 5 of irphandlers.c:
https://github.com/landhb/HideProcess/blob/master/driver/irphandlers.c#L5
Thanks for uploading this mate, I was wondering where do you obtain the loader irp code 0x815 from , driver compiles perfect though