Description: 自己写的API-Hook。hook的函数是CreateProcessA和CreateProcessW。就是说可以检测进程创建。还有2处不完善。一个是创建程序的路径没能很好的显示。另一个退出时有点系统异常。-himself wrote the API - Hook. The hook function is CreateProcessA and CreateProcessW. Say can detect the creation process. There are two imperfect. One is to establish procedures for the path failed to show good. Another system to pull out a bit unusual. Platform: |
Size: 142733 |
Author:林风 |
Hits:
Description: 工作需要,想控制进程的创建,于是HOOK了ZwCreateProcess,后来发现xp和2003中创建进程的都用NtCreateProcessEx-work needs to control the process of creation, then the ZwCreateProcess HOOK, later found xp 2003 and the process of creating both NtCreateProcessEx Platform: |
Size: 9216 |
Author:龙 |
Hits:
Description: 自己写的API-Hook。hook的函数是CreateProcessA和CreateProcessW。就是说可以检测进程创建。还有2处不完善。一个是创建程序的路径没能很好的显示。另一个退出时有点系统异常。-himself wrote the API- Hook. The hook function is CreateProcessA and CreateProcessW. Say can detect the creation process. There are two imperfect. One is to establish procedures for the path failed to show good. Another system to pull out a bit unusual. Platform: |
Size: 142336 |
Author:林风 |
Hits:
Search - hook createprocessA