Specifically what kind of AV driver are you talking about here? If you're talking about a driver to do on-access scanning, then check out the "scanner" sample in the Windows Driver Development Kit for a great example.
If you're talking about self-protection, please check out the recent thread here.
If you're talking about detecting kernel-mode rootkits, then you may want to take a look at some well-known source code for stuff like:
- Hidden Process Detection
- Hidden Driver Detection
Does that answer your question?