Explorer-Process-Execution

Inject dll to explorer.exe to prevent file execution.

Requierments:

Microsoft Detours Library - https://github.com/microsoft/Detours

Compile:

Unzip source code, open command line and enter to source directory
SET DETOURS_TARGET_PROCESSOR=X64
C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars64.bat
NMAKE

Add detours.lib to Linker additional libraries.

Hooked Functions:

NtCreateUserProcess