Description
Valthrun Kernel Driver
Failed to initialize the Valthrun Kernel Driver version 0.3.4:
Code: 0xCF000003
Error: initialize NT_OFFSETS
Caused by:
Failed to find _EPROCESS.ThreadListHead
For more information please refer to
https://wiki.valth.run/link/vtdk-1
OK
.\kdmapper.exe .\kernel_driver.sys
[<] Loading vulnerable driver, Name: FOmPFpZkcIFfueYPGXWRPwMqMLF
[+] NtLoadDriver Status 0x0
[+] PiDDBLock found with third pattern
[+] PiDDBCacheTable found with second pattern
[+] PiDDBLock Ptr 0xfffff800e6dcb88b
[+] PiDDBCacheTable Ptr 0xfffff800e6dcb713
[+] PiDDBLock Locked
[+] Found Table Entry = 0xFFFFBF0814068120
[+] PiDDBCacheTable Cleaned
[+] g_KernelHashBucketList Found 0xFFFFF800788B1090
[+] g_HashCacheLock Locked
[+] Found In g_KernelHashBucketList: FOmPFpZkcIFfueYPGXWRPwMqMLF
[+] g_KernelHashBucketList Cleaned
[+] MmUnloadedDrivers Cleaned: FOmPFpZkcIFfueYPGXWRPwMqMLF
[+] WdFilterDriverList Cleaned: \Users\xuxa\AppData\Local\Temp\FOmPFpZkcIFfueYPGXWRPwMqMLF
[+] Image base has been allocated at 0xFFFFE783214E0000
[+] Skipped 0x1000 bytes of PE Header
[+] Load config directory wasn't found, probably StackCookie not defined, fix cookie skipped
[<] Calling DriverEntry 0xFFFFE783214E0060
[+] Callback example called
[+] DriverEntry returned 0xcf000003
[<] Unloading vulnerable driver
[+] NtUnloadDriver Status 0x0
[+] Vul driver data destroyed before unlink
[+] success