Bitdefender Hypervisor Memory Introspection
|
Files | |
file | wincmdline.c [code] |
This file handles command line scanning. | |
file | windpi.c [code] |
This file handles Windows Deep Process Inspection checks. | |
file | winprocess.c [code] |
This file handles Windows Processes related events (Creation, Termination, Copy Memory, etc.). | |
file | winprocesshp.c [code] |
file | winstack.c [code] |
file | winthread.c [code] |
This file implements Windows Threads related functionality (obtaining thread information, blocking thread hijacking and APC injections). | |
file | winumcache.c [code] |
This module manages module and exports caches. | |
file | winumcrash.c [code] |
file | winumdoubleagent.c [code] |
file | winummodule.c [code] |
file | winummoduleblock.c [code] |
This file contains the logic that blocks Windows module loads in case of a double agent attack. | |
file | winumpath.c [code] |
This module provides a caching facility for windows user-mode paths, as well as a way of encapsulating the paths in WINUM_PATH objects. | |
file | winuser_checks.c [code] |
This file handles initialization injections into Windows processes. | |