forked from mohuihui/antispy
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit baa84d8
Showing
647 changed files
with
227,228 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,121 @@ | ||
| 木兰宽松许可证, 第1版 | ||
|
|
||
| 2019年8月 http://license.coscl.org.cn/MulanPSL | ||
|
|
||
| 您对“软件”的复制、使用、修改及分发受木兰宽松许可证,第1版(“本许可证”)的如下条款的约束: | ||
|
|
||
| 0. 定义 | ||
|
|
||
| “软件”是指由“贡献”构成的许可在“本许可证”下的程序和相关文档的集合。 | ||
|
|
||
| “贡献者”是指将受版权法保护的作品许可在“本许可证”下的自然人或“法人实体”。 | ||
|
|
||
| “法人实体”是指提交贡献的机构及其“关联实体”。 | ||
|
|
||
| “关联实体”是指,对“本许可证”下的一方而言,控制、受控制或与其共同受控制的机构,此处的控制是指有受控方或共同受控方至少50%直接或间接的投票权、资金或其他有价证券。 | ||
|
|
||
| “贡献”是指由任一“贡献者”许可在“本许可证”下的受版权法保护的作品。 | ||
|
|
||
| 1. 授予版权许可 | ||
|
|
||
| 每个“贡献者”根据“本许可证”授予您永久性的、全球性的、免费的、非独占的、不可撤销的版权许可,您可以复制、使用、修改、分发其“贡献”,不论修改与否。 | ||
|
|
||
| 2. 授予专利许可 | ||
|
|
||
| 每个“贡献者”根据“本许可证”授予您永久性的、全球性的、免费的、非独占的、不可撤销的(根据本条规定撤销除外)专利许可,供您制造、委托制造、使用、许诺销售、销售、进口其“贡献”或以其他方式转移其“贡献”。前述专利许可仅限于“贡献者”现在或将来拥有或控制的其“贡献”本身或其“贡献”与许可“贡献”时的“软件”结合而将必然会侵犯的专利权利要求,不包括仅因您或他人修改“贡献”或其他结合而将必然会侵犯到的专利权利要求。如您或您的“关联实体”直接或间接地(包括通过代理、专利被许可人或受让人),就“软件”或其中的“贡献”对任何人发起专利侵权诉讼(包括反诉或交叉诉讼)或其他专利维权行动,指控其侵犯专利权,则“本许可证”授予您对“软件”的专利许可自您提起诉讼或发起维权行动之日终止。 | ||
|
|
||
| 3. 无商标许可 | ||
|
|
||
| “本许可证”不提供对“贡献者”的商品名称、商标、服务标志或产品名称的商标许可,但您为满足第4条规定的声明义务而必须使用除外。 | ||
|
|
||
| 4. 分发限制 | ||
|
|
||
| 您可以在任何媒介中将“软件”以源程序形式或可执行形式重新分发,不论修改与否,但您必须向接收者提供“本许可证”的副本,并保留“软件”中的版权、商标、专利及免责声明。 | ||
|
|
||
| 5. 免责声明与责任限制 | ||
|
|
||
| “软件”及其中的“贡献”在提供时不带任何明示或默示的担保。在任何情况下,“贡献者”或版权所有者不对任何人因使用“软件”或其中的“贡献”而引发的任何直接或间接损失承担责任,不论因何种原因导致或者基于何种法律理论,即使其曾被建议有此种损失的可能性。 | ||
|
|
||
| 条款结束 | ||
|
|
||
| 如何将木兰宽松许可证,第1版,应用到您的软件 | ||
|
|
||
| 如果您希望将木兰宽松许可证,第1版,应用到您的新软件,为了方便接收者查阅,建议您完成如下三步: | ||
|
|
||
| 1, 请您补充如下声明中的空白,包括软件名、软件的首次发表年份以及您作为版权人的名字; | ||
|
|
||
| 2, 请您在软件包的一级目录下创建以“LICENSE”为名的文件,将整个许可证文本放入该文件中; | ||
|
|
||
| 3, 请将如下声明文本放入每个源文件的头部注释中。 | ||
|
|
||
| Copyright (c) [2019] [name of copyright holder] | ||
| [Software Name] is licensed under the Mulan PSL v1. | ||
| You can use this software according to the terms and conditions of the Mulan PSL v1. | ||
| You may obtain a copy of Mulan PSL v1 at: | ||
| http://license.coscl.org.cn/MulanPSL | ||
| THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR | ||
| IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR | ||
| PURPOSE. | ||
| See the Mulan PSL v1 for more details. | ||
|
|
||
|
|
||
|
|
||
| Mulan Permissive Software License,Version 1 | ||
|
|
||
| Mulan Permissive Software License,Version 1 (Mulan PSL v1) | ||
|
|
||
| August 2019 http://license.coscl.org.cn/MulanPSL | ||
|
|
||
| Your reproduction, use, modification and distribution of the Software shall be subject to Mulan PSL v1 (this License) with following terms and conditions: | ||
|
|
||
| 0. Definition | ||
|
|
||
| Software means the program and related documents which are comprised of those Contribution and licensed under this License. | ||
|
|
||
| Contributor means the Individual or Legal Entity who licenses its copyrightable work under this License. | ||
|
|
||
| Legal Entity means the entity making a Contribution and all its Affiliates. | ||
|
|
||
| Affiliates means entities that control, or are controlled by, or are under common control with a party to this License, ‘control’ means direct or indirect ownership of at least fifty percent (50%) of the voting power, capital or other securities of controlled or commonly controlled entity. | ||
|
|
||
| Contribution means the copyrightable work licensed by a particular Contributor under this License. | ||
|
|
||
| 1. Grant of Copyright License | ||
|
|
||
| Subject to the terms and conditions of this License, each Contributor hereby grants to you a perpetual, worldwide, royalty-free, non-exclusive, irrevocable copyright license to reproduce, use, modify, or distribute its Contribution, with modification or not. | ||
|
|
||
| 2. Grant of Patent License | ||
|
|
||
| Subject to the terms and conditions of this License, each Contributor hereby grants to you a perpetual, worldwide, royalty-free, non-exclusive, irrevocable (except for revocation under this Section) patent license to make, have made, use, offer for sale, sell, import or otherwise transfer its Contribution where such patent license is only limited to the patent claims owned or controlled by such Contributor now or in future which will be necessarily infringed by its Contribution alone, or by combination of the Contribution with the Software to which the Contribution was contributed, excluding of any patent claims solely be infringed by your or others’ modification or other combinations. If you or your Affiliates directly or indirectly (including through an agent, patent licensee or assignee), institute patent litigation (including a cross claim or counterclaim in a litigation) or other patent enforcement activities against any individual or entity by alleging that the Software or any Contribution in it infringes patents, then any patent license granted to you under this License for the Software shall terminate as of the date such litigation or activity is filed or taken. | ||
|
|
||
| 3. No Trademark License | ||
|
|
||
| No trademark license is granted to use the trade names, trademarks, service marks, or product names of Contributor, except as required to fulfill notice requirements in section 4. | ||
|
|
||
| 4. Distribution Restriction | ||
|
|
||
| You may distribute the Software in any medium with or without modification, whether in source or executable forms, provided that you provide recipients with a copy of this License and retain copyright, patent, trademark and disclaimer statements in the Software. | ||
|
|
||
| 5. Disclaimer of Warranty and Limitation of Liability | ||
|
|
||
| The Software and Contribution in it are provided without warranties of any kind, either express or implied. In no event shall any Contributor or copyright holder be liable to you for any damages, including, but not limited to any direct, or indirect, special or consequential damages arising from your use or inability to use the Software or the Contribution in it, no matter how it’s caused or based on which legal theory, even if advised of the possibility of such damages. | ||
|
|
||
| End of the Terms and Conditions | ||
|
|
||
| How to apply the Mulan Permissive Software License,Version 1 (Mulan PSL v1) to your software | ||
|
|
||
| To apply the Mulan PSL v1 to your work, for easy identification by recipients, you are suggested to complete following three steps: | ||
|
|
||
| 1. Fill in the blanks in following statement, including insert your software name, the year of the first publication of your software, and your name identified as the copyright owner; | ||
| 2. Create a file named “LICENSE” which contains the whole context of this License in the first directory of your software package; | ||
| 3. Attach the statement to the appropriate annotated syntax at the beginning of each source file. | ||
|
|
||
| Copyright (c) [2019] [name of copyright holder] | ||
| [Software Name] is licensed under the Mulan PSL v1. | ||
| You can use this software according to the terms and conditions of the Mulan PSL v1. | ||
| You may obtain a copy of Mulan PSL v1 at: | ||
| http://license.coscl.org.cn/MulanPSL | ||
| THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR | ||
| IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR | ||
| PURPOSE. | ||
| See the Mulan PSL v1 for more details. |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,238 @@ | ||
| AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors. | ||
|
|
||
| Warning: | ||
| I hope the AntiSpy can be useful to you,but I can not be held responsible for any error or negligence derived therefrom,you use it at your own risk. | ||
|
|
||
| ************************************************************************************* | ||
|
|
||
| Our progress comes from our users. Help us be better. | ||
|
|
||
| Thanks | ||
| quark, xanax, EP_X0FF, STRELiTZIA, Petra. (Ps. This list is in no particular order) | ||
|
|
||
| ************************************************************************************* | ||
|
|
||
| Email: zhenfei.mzf@gmail.com | ||
|
|
||
| If you have any need,please feel free to contact with me. | ||
| eg: | ||
| 1.If there is any problem with your system,I will help you for free. | ||
| 2.If you have some good ideas or advices,please tell me.I can improve AntiSpy in future versions. | ||
| 3.If AntiSpy makes your system BSoD,or AntiSpy application crash,send the dump file to me. | ||
|
|
||
| ************************************************************************************* | ||
|
|
||
| Default Colors | ||
|
|
||
| *Process Manager: | ||
| Hidden process - Red | ||
| The corporation of process is Microsoft - Black | ||
| Normal process,the corporation is not Microsoft - Blue | ||
| Microsoft's process have other corporation modules - Orange | ||
|
|
||
| *File Manager: | ||
| System files(folders) - Red | ||
| Hidden files(folders) - Gray | ||
| Normal files(folders) - Black | ||
|
|
||
| *General: | ||
| No signature module - Purple | ||
| Hidden objects or hooks - Red | ||
| The corporation of module is Microsoft - Black | ||
| Normal module,the corporation is not Microsoft - Blue | ||
|
|
||
| ************************************************************************************* | ||
|
|
||
| Default Hotkeys | ||
| Show AntiSpy main window - Ctrl + Alt + Shift + A | ||
| Show process modules - Ctrl + Alt + Shift + M | ||
| Show process threas - Ctrl + Alt + Shift + T | ||
| Show process handles - Ctrl + Alt + Shift + H | ||
| Show process windows - Ctrl + Alt + Shift + W | ||
| Show process memory - Ctrl + Alt + Shift + E | ||
| Show process hotkeys - Ctrl + Alt + Shift + O | ||
| Show process privileges - Ctrl + Alt + Shift + P | ||
| Show process timers - Ctrl + Alt + Shift + I | ||
|
|
||
| ************************************************************************************* | ||
|
|
||
| Currently,the following features are available(including but not limited to): | ||
|
|
||
| *Process Manager | ||
| Display system process and thread basic informations. | ||
| Detect hidden processes,threads,process modules. | ||
| Terminate, suspend and resume processes and threads. | ||
| View and manipulate process handles,windows and memory regions. | ||
| View and manipulate process hotkeys,privileges,and timers. | ||
| Detect and restore process hooks incluing inline hooks,patches,iat and eat hooks. | ||
| Inject dll,dump process memory. | ||
| Create debug dump,inclue mini dump and full dump. | ||
|
|
||
| *Kernel Module Viewer | ||
| Display kernel module basic information,include image base,size,driver object,and so on. | ||
| Detect hidden kernel modules. | ||
| Unload kernel modules. | ||
| Dump kernel image memory. | ||
| Display and delete system driver service informations. | ||
|
|
||
| *Hook Detector | ||
| Detect and restore SSDT,Shadow SSDT,sysenter and int2e hooks. | ||
| Detect and restore FSD and keyboard disptach hooks. | ||
| Detect and restore kernel code hooks including kernel inline hooks,patches,iat and eat hooks. | ||
| Detect and restore message hooks,both global and local. | ||
| Detect and restore kernel ObjectType hooks. | ||
| Display Interrupt Descriptor Table(IDT). | ||
|
|
||
| *Other Kernel Information Viewer | ||
| View and remove kernel notifications. | ||
| View filters for common devices include disk,volume,keyboard and network devices. | ||
| View IO timers,DPC timers,system threads,and so on. | ||
|
|
||
| *Registry Manager | ||
| View and edit system registry. | ||
| Detect hidden registry entries using live registry hive analysis. | ||
|
|
||
| *File Manager | ||
| Display file basic information,include file name,size,attributes,and so on. | ||
| Detect hidden files. | ||
| View and delete locked files and folders. | ||
|
|
||
| *Service Manager | ||
| Display system services basic informations. | ||
| Control services status. | ||
| Modify services startup type. | ||
|
|
||
| *Autorun Manager | ||
| Display almost all kinds of system autorun types. | ||
| Enable,disable or permanently delete autoruns. | ||
|
|
||
| *Network Viewer | ||
| Display current network connections,include TCP and UDP informations. | ||
| View and delete IE plugins and context menu. | ||
| Display winsock providers(LSP). | ||
| View and edit hosts file. | ||
|
|
||
| *Other Tools | ||
| Hex Editor - View and edit memory,include ring3 process memory and ring0 system memory. | ||
| Disassembler - Like OllyDBG,support ring3 process memory and ring0 system memory. | ||
|
|
||
| *Settings | ||
| Custom color settings. | ||
|
|
||
| ************************************************************************************* | ||
|
|
||
| Change Log | ||
| V1.9 (2013-07-13) | ||
| Added: | ||
| 1.Enumerate and fix file association | ||
| 2.Enumerate image hijacks | ||
| 3.Enumerate IME | ||
| 4.Added anti screen logger feature | ||
| 5.Added reset hosts file to default feature | ||
|
|
||
| Modified: | ||
| 1.Fixed several bugs | ||
|
|
||
| V1.8 (2013-06-28) | ||
| Added: | ||
| 1.Search process handles | ||
| 2.Import registry | ||
| 3.Registry unlocker | ||
| 4.Fix LSP | ||
| 5.Self-Defense | ||
| 6.MBR check and fix | ||
| 7.More advanced features,such as force reboot, fix safeboot. | ||
|
|
||
| Modified: | ||
| 1.Fixed a BSoD bug | ||
| 2.Modify the default hotkeys | ||
| 3.GUI improvements | ||
|
|
||
| V1.7 (2013-06-02) | ||
| Added: | ||
| 1.File manager added search online feature | ||
| 2.File manager added calc and compare MD5,SHA1 feature | ||
| 4.Registry manager supported key abbreviation,eg.HKEY_CURRENT_USER->HKCU | ||
| 5.Added view and delete IE plugins and context menu | ||
| 6.Added a tools tab | ||
| 7.Added detect more autorun items,and you can enable or disable it | ||
|
|
||
| Modified: | ||
| 1.Fixed a BSoD bug | ||
| 2.Fixed the bug which antispy can not be normal displayed in some win8 system | ||
| 3.GUI improvements | ||
|
|
||
| V1.6 (2013-05-16) | ||
| Add: | ||
| 1.Added a network tab. | ||
| 2.View and edit hosts file. | ||
| 3.Display current network connections | ||
| 4.View LSP informations | ||
|
|
||
| Modify: | ||
| 1.Fixed several other bugs. | ||
|
|
||
| V1.5 (2013-04-28) | ||
| Added: | ||
| 1.Added a file manager | ||
| 2.Added custom color settings | ||
| 3.Process manager added display process started time | ||
|
|
||
| Modified: | ||
| 1.Fixed the bug which antispy can not be normal displayed in some computers.(Thanks EP_X0FF for his feedback and test). | ||
| 2.Optimized display Message hooks | ||
| 3.GUI improvements | ||
| 4.Fixed several bugs | ||
|
|
||
| V1.4 (2013-03-30) | ||
| Add: | ||
| 1.The border of the window can be stretched. | ||
| 2.Registry manager added hive analysis. | ||
| 3.Added a config tab. | ||
| 4.Added a lower pane to display process modules. | ||
| 5.Display process detail informations as a tooltips window. | ||
| 6.Added hot keys to view process modules,threads,handles and so on. | ||
| 7.Added a "quick positioning" feature in registry tab. | ||
| 8.Added a "Find" feature in registry tab. | ||
| 9.Added a hex editer in process memory dialog. | ||
|
|
||
| Modify: | ||
| 1.Fixed several bugs. | ||
| 2.Optimized the UI. | ||
|
|
||
| V1.3 (2013-03-18) | ||
| Added: | ||
| 1.Added edit REG_BINARG type values feature | ||
| 2.Added rename keys and values feature | ||
| 3.Process modules dialog added unload and delete file feature | ||
| 4.Process manager added inject dll feature | ||
|
|
||
| Modified: | ||
| 1.Optimized detect SSDT HOOK | ||
| 2.Optimized registry manager | ||
| 3.Optimized process tree | ||
| 4.Fixed some translation problems of English version | ||
| 5.GUI improvements | ||
|
|
||
| V1.2 (2013-03-06) | ||
| Added: | ||
| 1.Added show process tree feature | ||
| 2.Added kill process tree feature | ||
|
|
||
| Modified: | ||
| 1.Fixed several bugs | ||
|
|
||
| V1.1 (2013-02-25) | ||
| Added: | ||
| 1.Added scan process hooks feature | ||
| 2.Added view process detail informations feature | ||
| 3.Added create debug dump feature | ||
|
|
||
| Modified: | ||
| 1.Optimized search online feature | ||
| 2.Optimized open file in kernel | ||
| 3.Fixed two BSoD bugs | ||
| 4.GUI improvements | ||
|
|
||
| V1.0 (2013-01-16) | ||
| 1.Finished the first version |
Oops, something went wrong.