-
-
[下载]又一个新的检测ROOTKIT的小工具
-
发表于:
2007-11-10 23:42
12406
-
SafetyCheck is a Tool of Detection RootKit,it is Freeware It only runs on 32bit Windows 2K or 32bit Windows XP.
Release SafetyCheck 1.7 beat
Main Parts:
Hidden Processes Detection
Detect hidden process and process module and thread,Kill process
Hidden Kernel Module Detection
Detect hidden kernel module
SSDT Hooks
Detect and Restorer SSDT Hooks
Code Hooks Detection
Detect Code Hooks
Registry Tool (Temporarily no support operate)
Detect hidden registry
Files Tool
Detect hidden files (Temporarily only support NTFS ,no support operate ,no support ADS)
Analyze big directory possible is slow (as System32 directory)
Environment supported by test version:
32bit Windows 2000
32bit Windows XP
Single CPU without hyperthread
Don't run SOFTICE
http://yyuyao.googlepages.com/home
http://yyuyao.googlepages.com/SafetyCheck1.7Beta.rar
国人写的ARK,不过居然在RKU作者面前说了一句
yes, very simple,myself like RKU。
不过我这里蓝屏了。算是RKU的蓝版。
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
