diff --git a/EDRSandblast/EDRBypass/KernelCallbacks.c b/EDRSandblast/EDRBypass/KernelCallbacks.c
index e3796ce..a96a738 100644
--- a/EDRSandblast/EDRBypass/KernelCallbacks.c
+++ b/EDRSandblast/EDRBypass/KernelCallbacks.c
@@ -484,6 +484,7 @@ TCHAR const* EDR_DRIVERS[] = {
 _T("SE46Filter.sys"),
 // TEHTRI-Security
 _T("egambit.sys"),
+ _T("egfilterk.sys"),
 // Tencent
 _T("TesMon.sys"),
 _T("QQSysMonX64.sys"),
@@ -1852,4 +1853,4 @@ void RemoveAllEDRKernelCallbacks(struct FOUND_EDR_CALLBACKS* edrDrivers, BOOL ve
 RemoveEDR_X_Callbacks(CREATE_PROCESS_ROUTINE, edrDrivers, verbose);
 RemoveEDR_X_Callbacks(CREATE_THREAD_ROUTINE, edrDrivers, verbose);
 RemoveEDR_X_Callbacks(LOAD_IMAGE_ROUTINE, edrDrivers, verbose);
-}
\ No newline at end of file
+}