Description: This is a very good example of kernel-level API hooking. To see the effect, look at the compiled program in the bin folder. Kernel monitoring has not been implemented; process and registry monitoring are complete. The code definitely compiles successfully, but because the process code hooks ZwCreateProcess in a device driver, setting up the build environment is fairly complex, so the archive also contains a small tutorial that teaches you how to set up a device driver development environment in VC 6.0, and it includes samples. Statement: This program runs under XP; under 2000 it will cause a blue screen.
- [monitor_pro] - Monitor the process of time, running the
- [PrintMon] - Using VC to monitor the realization of p
- [oob] - an attack remote computer code blue
- [RegSafe] - maintain a registry of small programs, d
- [VipshellSrc] - declared: This software is for learning
- [hook_api_SDK] - Microsoft's interception api development
- [CreateProcessInternalA] - HOOK to do recently in the process of cr
- [ProcessThreadmonitor] - Driver-class code, used to monitor syste
- [mapfile_test] - visual c++ in the operation of memory-ma
- [BlueXP] - XP Blue Screen of code, first forged fak
File list (Check if you may need any files):