DecryptoniteTeam/Decryptonite — reverse-engineered prompt

Build me a Windows ransomware protection tool called Decryptonite. I want it to quietly watch the hard drives for suspicious file write behavior, especially processes suddenly changing lots of files very fast. It should keep track of parent and child processes together, whitelist normal system and trusted processes, calculate a threat level, and immediately stop a process if it crosses the danger threshold.

Make it lightweight, with a small console app I can run as administrator. When it starts, it should automatically monitor the C drive, show clear status messages, and let me type simple commands to attach or detach other drives, list monitored drives, turn on passive monitoring where it only alerts and does not kill anything, write output to a log file, increase verbosity, and exit cleanly.

This should be built for 64 bit Windows using the normal Windows driver approach for monitoring file system activity. Include setup notes for building, installing the driver, loading it, and running the app. Look up current Windows driver docs if you need to.