Search resource list
xingtaixueCdaima
- / *** *** *** *** *** *** **** // FUNCTION: GrayScaleProcess(HWND hWnd,int graymaskstyle, WORD ProcessID) // PURPOSE: Processes gray scale bitmaps // PARAMETERS: // graystyle: mask type
TerminateProcess
- program TerminateProcess {$APPTYPE CONSOLE} uses SysUtils, Windows var ProcessHwnd, WindowHwnd: THandle ProcessID: DWORD begin //Get the main window handle of Notepad WindowHwnd := FindWindow( Notepad , nil) if not isWindow(WindowHwnd) then ExitP
Microsoft undocumented API function [NtQuerySystemInformation]
- IN OUT PVOID SystemInformation, IN ULONG SystemInformationLength, OUT PULONG ReturnLength OPTIONAL); NTQUERYSYSTEMINFORMATION NtQuerySystemInformation; From this it can be seen that SystemInformationClass is a piece of type information; it
internetbus
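- The client source code has been adjusted: 1. Process enumeration now uses CreateToolhelp32Snapshot() and related functions. 2. To obtain SYSTEM privileges, the client is registered to run as a system service.-typedef LONG NTSTATUS typedef struct _SYSTEM_HANDLE_INFORMATION { ULONG ProcessId UCHAR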
AutoUpgrader
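- The auto-upgrade program is a standalone program invoked by the host program. Invocation format: AutoUpgrader.exe scriptURL CurVersion SoftName WinHandle ExitMsgID ProcessID Parameters: scriptURL - URL of the upgrade script file CurVersion - current version number of the host program SoftName - software name of the host program WinHandle - used by the host program to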
Injector
- BOOL InjectDLL(DWORD ProcessID) { HANDLE Proc char buf[50]={0} LPVOID RemoteString, LoadLibAddy if(!ProcessID) return false Proc = OpenProcess(CREATE_THREAD_ACCESS, FALSE, ProcessID)
PSAPI_GetSystemProcessId
- Get a process's ProcessId via PSAPI-GetSystemProcessId
heap
- Heap Dump Utility Usage: heap ProcessID, 0 is current process.
procr
- Process Memory read utility Usage: Process ProcessID BaseAddress BlockSize FileName
procw
- Process Memory write utility Usage: Process ProcessID BaseAddress BlockSize FileName
shijianpianlunzhuansuanfa
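- Operating systems: round-robin (time-slice) scheduling algorithm struct PCBNode { int processID //process ID STATUS status //process state int priorityNum //priority number int reqTime //total required run time int remainTime //remaining required run time int arriveTime //time of entering the ready queue int startTime //start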
PPIDs_1.2
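- PPIDs lists the parent PID and child PIDs of a process PPIDs v 1.2 [2013/03/18] http://bbs.bathome.net Usage: PPIDs.exe [/NUM] [/p|/c] [/r] [/i] [/e] [/n] [PName|[PID] [PID] ...] Modes: /NUM trace upward to the PID of the great-great-...-grandparent process /p get the direct parent process PID (default) Returns: parent process PI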
winprocess_sources
- Tool to view/explore the running processes on the computer. The main window displays basic information about the process (icon, title, identifier, threads, description, priority, execution path, ...). You can access deta
Windows-7-64-bit-process-hidden
- hidecon, utility rootkit for x64 requires patchguard disabled, if not disabled... use patch which you may find on my web site. usage: hidecon -l (display process list) hidecon -le display hidden processe
Killer
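- Killer.sys is loaded with DriverMonitor; KillerIoCTL.exe is the communication program. Enter a ProcessID to terminate the process. It can terminate Kaspersky, Duba, 360, IceSword, PowerTool, PcHunter, and others. As expected, it cannot terminate Jiangmin: reading the process's EProcess fails at the PsLookupProcessByProcessId() step, so Jiangmin has presumably placed a hook there. The next step is to try searching for PsLookupProcessByProcessId and restoring the hook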
Get Process ID
- each Exe has a unique process id.