Skip to content

Commit

Permalink
1.0.0.11:
Browse files Browse the repository at this point in the history 
1.修复Win7-Win8系统回调中Thread类型显示为Process类型
2.新增Ctrl+C复制一行
3.新增监控进程/驱动加载/远线程注入(Stack加载符号比较慢, 取消加载符号将symsrv.dll重命名其他文件名即可)
  • Loading branch information
小丑aq committed Nov 3, 2019
1 parent 6cbbcc8 commit 06c1e4a
Show file tree
Hide file tree
Showing 8 changed files with 35 additions and 1 deletion.
20 changes: 19 additions & 1 deletion Hash.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ CRC32: C618B639

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

File: \YDArk.exe
File: YDArk.exe
Size: 10541056 bytes
File Version: 1.0.0.10
Modified: 2019年10月21日, 12:56:22
Expand All @@ -105,3 +105,21 @@ SHA1: 9124328BE4E980F3919A1E5F300F0ED067D4C4C1
CRC32: FE0B9777

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

File: YDArk.exe
Size: 10477568 bytes
File Version: 1.0.0.11
Modified: 2019年11月3日, 11:51:36
MD5: 5D3A58BA9853615358A22815F795F6AC
SHA1: 5811A79E9CB014908B520C39C0FD874BED488CC1
CRC32: E9012D90

File: YDArkDrv.sys
Size: 4600832 bytes
File Version: 1.0.0.11
Modified: 2019年11月3日, 11:51:10
MD5: 1A62155235109AF862EDE784EE21F9DB
SHA1: EB348A24568B19C353D5690CEF72371F3A604876
CRC32: 59E58A6C

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
8 changes: 8 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,9 @@
26.枚举/启动/停止/暂停/恢复/重启服务
27.枚举/禁用/启用/删除任务计划

// 监控
28.监控进程/驱动加载/远线程注入

1.0.0.6:
1.新增枚举/恢复Disk对象劫持

Expand All @@ -92,3 +95,8 @@
1.修复枚举线程模块BUG
2.优化检测更新
3.新增枚举/移除注册表监控修改回调(注册表窗口右键TREE控件)

1.0.0.11:
1.修复Win7-Win8系统回调中Thread类型显示为Process类型
2.新增Ctrl+C复制一行
3.新增监控进程/驱动加载/远线程注入(Stack加载符号比较慢, 取消加载符号将symsrv.dll重命名其他文件名即可)
Binary file modified YDArk.exe
View file
Binary file not shown.
Binary file modified YDArkDrv.sys
View file
Binary file not shown.
Binary file added dbghelp.dll
View file
Binary file not shown.
Binary file added symsrv.dll
View file
Binary file not shown.
Empty file added symsrv.yes
View file
Empty file.
8 changes: 8 additions & 0 deletions 说明.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,9 @@
26.枚举/启动/停止/暂停/恢复/重启服务
27.枚举/禁用/启用/删除任务计划

// 监控
28.监控进程/驱动加载/远线程注入

1.0.0.6:
1.新增枚举/恢复Disk对象劫持

Expand All @@ -87,3 +90,8 @@
1.修复枚举线程模块BUG
2.优化检测更新
3.新增枚举/移除注册表监控修改回调(注册表窗口右键TREE控件)

1.0.0.11:
1.修复Win7-Win8系统回调中Thread类型显示为Process类型
2.新增Ctrl+C复制一行
3.新增监控进程/驱动加载/远线程注入(Stack加载符号比较慢, 取消加载符号将symsrv.dll重命名其他文件名即可)

0 comments on commit 06c1e4a

Please sign in to comment.