SysEnter Hook
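#include <ntddk.h>

/*
 * SysEnter hook sample (32-bit x86 only: MSVC __asm blocks are not
 * available when targeting x64, and the code assumes the 32-bit
 * IA32_SYSENTER_EIP layout). DriverEntry saves the processor's fast
 * system-call entry point and replaces it with MyKiFastCallEntry, which
 * does nothing but forward to the saved original; OnUnload writes the
 * saved value back.
 *
 * RDMSR/WRMSR act on the logical processor the code happens to run on.
 * As written, both routines touch only the current processor, and the
 * restore in OnUnload is only correct if it runs on the same processor
 * DriverEntry ran on; otherwise that processor keeps pointing at driver
 * code that is about to be unmapped. Kernel Patch Protection on x64
 * Windows monitors this MSR, which is one reason the technique is
 * confined to 32-bit kernels.
 */

#define IA32_SYSENTER_EIP 0x176      /* MSR index: SYSENTER target EIP */

ULONG g_OldKiFastCallEntry;          /* Original value of ntoskrnl!KiFastCallEntry */

/*
 * VOID OnUnload(PDRIVER_OBJECT DriverObject)
 * Restores the saved entry point on the current processor.
 * WRMSR takes EDX:EAX; the high half is zero for this 32-bit value.
 */
VOID OnUnload(IN PDRIVER_OBJECT DriverObject)
{
    UNREFERENCED_PARAMETER(DriverObject);

    __asm
    {
        mov     ecx, IA32_SYSENTER_EIP
        xor     edx, edx
        mov     eax, g_OldKiFastCallEntry   /* original entry address */
        wrmsr                               /* write IA32_SYSENTER_EIP */
    }
}

/*
 * Hook function. Naked: no prologue/epilogue is generated, so whatever
 * register state arrives here reaches the original entry point untouched.
 * The only thing it does is an indirect jump through the saved pointer.
 */
__declspec(naked) VOID MyKiFastCallEntry(VOID)
{
    __asm
    {
        jmp     [g_OldKiFastCallEntry]
    }
}

/*
 * NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObject, PUNICODE_STRING pRegistryPath)
 * Registers OnUnload, then saves the current IA32_SYSENTER_EIP value into
 * g_OldKiFastCallEntry and installs MyKiFastCallEntry on the current
 * processor. Always returns STATUS_SUCCESS.
 */
NTSTATUS DriverEntry(IN PDRIVER_OBJECT pDriverObject, IN PUNICODE_STRING pRegistryPath)
{
    UNREFERENCED_PARAMETER(pRegistryPath);

    pDriverObject->DriverUnload = OnUnload;

    __asm
    {
        mov     ecx, IA32_SYSENTER_EIP
        rdmsr                               /* EDX:EAX = current entry point */
        mov     g_OldKiFastCallEntry, eax   /* saved for the hook and for OnUnload */
        mov     eax, MyKiFastCallEntry      /* hook function address */
        wrmsr                               /* EDX still holds the high half read above */
    }

    return STATUS_SUCCESS;
}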