文件名称:EnumHideProcess
- 所属分类:
- 驱动编程
- 资源属性:
- [Windows] [Visual C] [源码]
- 上传时间:
- 2012-11-26
- 文件大小:
- 176kb
- 下载次数:
- 0次
- 提 供 者:
- ma***
- 相关连接:
- 无
- 下载说明:
- 别用迅雷下载,失败请重下,重下不扣分!
介绍说明--下载内容均来自于网络,请自行研究使用
使用内核方法检测隐藏的进程,包括完整的ring0代码。-Use the kernel method to hide the process, including the complete code ring0.
(系统自动生成,下载前可以参看下载内容)
下载文件列表
基于PspCidTable的进程检测
.........................\app
.........................\...\procapp.clw
.........................\...\procapp.cpp
.........................\...\procapp.dsp
.........................\...\procapp.dsw
.........................\...\procapp.h
.........................\...\procapp.rc
.........................\...\procappDlg.cpp
.........................\...\procappDlg.h
.........................\...\ReadMe.txt
.........................\...\res
.........................\...\...\procapp.rc2
.........................\...\Resource.h
.........................\...\StdAfx.cpp
.........................\...\StdAfx.h
.........................\GetPeb
.........................\......\Debug
.........................\......\GetPeb.cpp
.........................\......\GetPeb.dsp
.........................\......\GetPeb.dsw
.........................\......\GetPeb.ncb
.........................\......\GetPeb.opt
.........................\......\ReadMe.txt
.........................\......\StdAfx.cpp
.........................\......\StdAfx.h
.........................\sys
.........................\...\buildchk.log
.........................\...\buildchk_wnet_x86.log
.........................\...\ListProc.h
.........................\...\ListProcess.c
.........................\...\ListProcess.dsp
.........................\...\ListProcess.dsw
.........................\...\makefile
.........................\...\objchk_wnet_x86
.........................\...\...............\i386
.........................\...\...............\....\listprocess.obj
.........................\...\...............\....\ListProcess.pdb
.........................\...\...............\....\ListProcess.sys
.........................\...\...............\_objects.mac
.........................\...\readme.txt
.........................\...\sources
搜索内存枚举进程
................\app
................\...\Instdrv.c
................\...\res
................\...\...\SampleDriver.rc2
................\...\Resource.h
................\...\SampleDriver.clw
................\...\SampleDriver.cpp
................\...\SampleDriver.dsp
................\...\SampleDriver.dsw
................\...\SampleDriver.h
................\...\SampleDriver.rc
................\...\SampleDriverDlg.cpp
................\...\SampleDriverDlg.h
................\...\StdAfx.cpp
................\...\StdAfx.h
................\sys
................\...\buildchk.log
................\...\buildchk_wnet_x86.log
................\...\MAKEFILE
................\...\obj
................\...\...\_objects.mac
................\...\objchk
................\...\......\i386
................\...\......\....\processenum.obj
................\...\......\....\resource.res
................\...\......\....\safepsenum.pdb
................\...\......\....\safepsenum.sys
................\...\objchk_wnet_x86
................\...\...............\i386
................\...\...............\....\processenum.obj
................\...\...............\....\resource.res
................\...\...............\....\safepsenum.pdb
................\...\...............\....\safepsenum.sys
................\...\...............\_objects.mac
................\...\processenum.c
................\...\processenum.h
................\...\record.log
................\...\resource.aps
................\...\resource.h
................\...\resource.rc
................\...\SafePsEnum.dsp
................\...\SafePsEnum.dsw
................\...\Sources
.........................\app
.........................\...\procapp.clw
.........................\...\procapp.cpp
.........................\...\procapp.dsp
.........................\...\procapp.dsw
.........................\...\procapp.h
.........................\...\procapp.rc
.........................\...\procappDlg.cpp
.........................\...\procappDlg.h
.........................\...\ReadMe.txt
.........................\...\res
.........................\...\...\procapp.rc2
.........................\...\Resource.h
.........................\...\StdAfx.cpp
.........................\...\StdAfx.h
.........................\GetPeb
.........................\......\Debug
.........................\......\GetPeb.cpp
.........................\......\GetPeb.dsp
.........................\......\GetPeb.dsw
.........................\......\GetPeb.ncb
.........................\......\GetPeb.opt
.........................\......\ReadMe.txt
.........................\......\StdAfx.cpp
.........................\......\StdAfx.h
.........................\sys
.........................\...\buildchk.log
.........................\...\buildchk_wnet_x86.log
.........................\...\ListProc.h
.........................\...\ListProcess.c
.........................\...\ListProcess.dsp
.........................\...\ListProcess.dsw
.........................\...\makefile
.........................\...\objchk_wnet_x86
.........................\...\...............\i386
.........................\...\...............\....\listprocess.obj
.........................\...\...............\....\ListProcess.pdb
.........................\...\...............\....\ListProcess.sys
.........................\...\...............\_objects.mac
.........................\...\readme.txt
.........................\...\sources
搜索内存枚举进程
................\app
................\...\Instdrv.c
................\...\res
................\...\...\SampleDriver.rc2
................\...\Resource.h
................\...\SampleDriver.clw
................\...\SampleDriver.cpp
................\...\SampleDriver.dsp
................\...\SampleDriver.dsw
................\...\SampleDriver.h
................\...\SampleDriver.rc
................\...\SampleDriverDlg.cpp
................\...\SampleDriverDlg.h
................\...\StdAfx.cpp
................\...\StdAfx.h
................\sys
................\...\buildchk.log
................\...\buildchk_wnet_x86.log
................\...\MAKEFILE
................\...\obj
................\...\...\_objects.mac
................\...\objchk
................\...\......\i386
................\...\......\....\processenum.obj
................\...\......\....\resource.res
................\...\......\....\safepsenum.pdb
................\...\......\....\safepsenum.sys
................\...\objchk_wnet_x86
................\...\...............\i386
................\...\...............\....\processenum.obj
................\...\...............\....\resource.res
................\...\...............\....\safepsenum.pdb
................\...\...............\....\safepsenum.sys
................\...\...............\_objects.mac
................\...\processenum.c
................\...\processenum.h
................\...\record.log
................\...\resource.aps
................\...\resource.h
................\...\resource.rc
................\...\SafePsEnum.dsp
................\...\SafePsEnum.dsw
................\...\Sources