CreateProcessNotify Under the control of the creat

Title: CreateProcessNotify

Category:
Windows Kernel
Tags:
[Windows] [Visual C] [源码]
File Size:
13kb
Update:
2012-11-26
Downloads:
0 Times
Uploaded by:
491310213

Description: Under the control of the creation of a process, the key function of the relationship between the Executive has the following: XP sp3 under: 1.NtCreateProcessEx 2.NtCreateThread 3.CreateProcessNotify, call the callback function to create the process, in PspCreateThread call 4.CreateThreadNotify, create a thread callback call function call in PspCreateThread Vista, Win7 under: 1.NtCreateUserProcess-> PspInsertThread 2.CreateProcessNotify, call the callback function to create the process, in PspInsertThread call, which is NtCreateUserProcess deep 3.CreateThreadNotify, call the callback function to create the process, in PspInsertThread call, that is, the deep NtCreateUserProcess

Downloaders recently: [More information of uploader 491310213]

To Search: createprocessnoti

[threadedprocessviewer.Rar] - reproduced in a process that can achieve
[Gina] - Gina the next delphi example, learning t
[MFC_Multy] - Windows MFC under the basic programming
[NtOpenProcess[InlineHook]] - r0 inline hook sample.
[MD5] - After I optimized the calculation of MD5
[NtCreateThread] - hookNtCreateThread the first time can be
[NtCreateThread] - Driven into the threads of the source, o

File list (Check if you may need any files):

利用CreateProcessNotify监控下一个进程的创建过程\bin\Example.dll
...............................................\...\Loader.exe
...............................................\dll\Example.cpp
...............................................\...\Example.def
...............................................\...\Example.dsp
...............................................\...\Example.dsw
...............................................\...\Example.plg
...............................................\...\ReadMe.txt
...............................................\...\..lease\Example.exp
...............................................\...\.......\Example.lib
...............................................\...\StdAfx.cpp
...............................................\...\StdAfx.h
...............................................\down.dsw
...............................................\exe\Loader.cpp
...............................................\...\Loader.dsp
...............................................\...\Loader.dsw
...............................................\...\Loader.plg
...............................................\removejunk.bat
...............................................\dll\Release
...............................................\exe\Release
...............................................\bin
...............................................\dll
...............................................\exe
利用CreateProcessNotify监控下一个进程的创建过程

Main Category

SourceCode

Web Code

Develop Tools

Document

Other resource

Category

Linux-Unix

Exploit

Scanner

Crack Hack

CA auth

Linux driver

About site

CodeBus www.codebus.net