-
-
[下载]又一个新的检测ROOTKIT的小工具
-
发表于:
2007-11-10 23:42
12478
-
SafetyCheck is a Tool of Detection RootKit,it is Freeware It only runs on 32bit Windows 2K or 32bit Windows XP.
Release SafetyCheck 1.7 beat
Main Parts:
Hidden Processes Detection
Detect hidden process and process module and thread,Kill process
Hidden Kernel Module Detection
Detect hidden kernel module
SSDT Hooks
Detect and Restorer SSDT Hooks
Code Hooks Detection
Detect Code Hooks
Registry Tool (Temporarily no support operate)
Detect hidden registry
Files Tool
Detect hidden files (Temporarily only support NTFS ,no support operate ,no support ADS)
Analyze big directory possible is slow (as System32 directory)
Environment supported by test version:
32bit Windows 2000
32bit Windows XP
Single CPU without hyperthread
Don't run SOFTICE
http://yyuyao.googlepages.com/home
http://yyuyao.googlepages.com/SafetyCheck1.7Beta.rar
国人写的ARK,不过居然在RKU作者面前说了一句
yes, very simple,myself like RKU。
不过我这里蓝屏了。算是RKU的蓝版。
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
