BOOLEAN SetupVirusCheckObject(PUCHAR VdbCode,PUCHAR VdbData)
{
PVIRUS_CHECK_OBJECT CheckObject;
PFN_Check_Db_Init VdbInit = (PFN_Check_Db_Init)VdbCode;
CheckObject = VdbInit(VdbData);

CheckObject->Check_OpenReadFile   = Check_OpenReadFile;
CheckObject->Check_OpenReadWriteFile = Check_OpenReadWriteFile;
CheckObject->Check_CloseHandle   = Check_CloseHandle;
CheckObject->Check_GetFileSize   = Check_GetFileSize;
CheckObject->Check_ReadFile    = Check_ReadFile;
CheckObject->Check_ModifyFile   = Check_ModifyFile;
CheckObject->Check_ReadFloppySection = Check_ReadFloppySection;
CheckObject->Check_WriteFloppySection= Check_WriteFloppySection;
CheckObject->Check_ClearFileAttribute= Check_ClearFileAttribute;
CheckObject->Check_SetFileAttribute  = Check_SetFileAttribute;
CheckObject->Check_malloc    = Check_malloc;
CheckObject->Check_free     = Check_free;
CheckObject->Check_Null     = Check_Null;

CheckObject->usOff6B   = 1;
CheckObject->FileContext2 = NULL;  // 待检测病毒文件内存对象指针
return 1;
}

缺失了注册表清理所有的导出函数定义，没有导出就意味着清理不干净，哪家的，自己看看，改改吧！

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课