mirror
changelog:
- add support of windows 10rtm, build 14279 & 14295
- add dumping of g_pAuditingFuncs
- add dumping of hal!InterruptController
- add dumping of PICO. Sample of output:
PspPicoProviderRoutines at FFFFF803D2F42EA0:
DispatchSystemCall: FFFFF803B997B4B0 \SystemRoot\system32\drivers\LXCORE.SYS
ExitThread: FFFFF803B997B4E0 \SystemRoot\system32\drivers\LXCORE.SYS
ExitProcess: FFFFF803B997B450 \SystemRoot\system32\drivers\LXCORE.SYS
DispatchException: FFFFF803B997B1E0 \SystemRoot\system32\drivers\LXCORE.SYS
ProcessTerminate: FFFFF803B997B480 \SystemRoot\system32\drivers\LXCORE.SYS
WalkUserStack: FFFFF803B997B630 \SystemRoot\system32\drivers\LXCORE.SYS
ProtectedRanges: FFFFF803B9930400 \SystemRoot\system32\drivers\LXCORE.SYS
GetAllocatedProcessImageName: FFFFF803B997B650 \SystemRoot\system32\drivers\LXCORE.SYS - fix wnf identifiers
- fix WFP callouts for w8.1 & w10
- lots of bugs were fixed
Комментариев нет:
Отправить комментарий