File name: Eventlogedit-evtx--Evolution: Remove individual lines from Windows XML Event Log (EVTX) files
File size: 56KB
File format: ZIP
Last updated: 2024-05-19 03:53:31
C++
Eventlogedit-evtx--Evolution: Remove individual lines from Windows XML Event Log (EVTX) files. Support: Win7 and later. Compared with DanderSpritz, my way doesn't need DLL injection and supports more versions (Server2012 and later). (It can be used to delete the setup.evtx; others may be affected by competitive conditions.) Needs more testing and suggestions. The data structure and some code details are inspired
[File preview]:
Eventlogedit-evtx--Evolution-master
----DeleteRecordbyGetHandle.cpp(23KB)
----DeleteRecordbyTerminateProcess.cpp(24KB)
----DeleteRecordbyGetHandleEx.cpp(21KB)
----Loader-EvtExportLog.cpp(19KB)
----DeleteRecordofFile.cpp(14KB)
----SuspendorResumeTid.cpp(10KB)
----DeleteRecordbyTerminateProcessEx.cpp(11KB)
----Dll-EvtExportLog.cpp(2KB)
----SetupNew.evtx(68KB)
----Dll-rewriting.cpp(15KB)
----SuspendorResumeTidEx.cpp(10KB)
----System.evtx(68KB)
----Loader-rewriting.cpp(18KB)
----System2.evtx(68KB)
----README.md(5KB)
----DeleteRecord-EvtExportLog.cpp(2KB)
----DeleteRecordofFileEx.cpp(2KB)
----Setup.evtx(68KB)