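File name: arktool
- Category: Hooks and API interception
- Resource attributes: [Windows] [Visual C] [Source code]
- Upload time: 2012-11-26
- File size: 3.39mb
- Download count: 1
- Provider: 虫*
- Related links: None
- Download notes: Do not download with Xunlei; if the download fails, download again. Re-downloading does not deduct points!
Description (all downloaded content comes from the Internet; please study and use it on your own)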
1. Message hook monitoring: lists the message hooks on the system.
2. Module load monitoring: lists all kernel modules loaded on the system.
3. SSDT monitoring: obtains the original SSDT addresses to identify the APIs hooked by malicious programs, and restores the SSDT.
4. Registry protection: protects some important registry keys to prevent malicious programs from modifying them.
5. Hidden process detection: detects hidden processes on the system.
6. Hidden port detection: detects hidden ports on the system.
7. Forced process termination: can kill malicious processes on the system that protect themselves.
(Automatically generated by the system; you can review the download contents before downloading)
Download file list
源代码\CUI\appface.dll
......\...\AppFace.h
......\...\appface.lib
......\...\appfaceu.lib
......\...\BITMAP1.BMP
......\...\Debug\appface.dll
......\...\.....\office2007_af.urf
......\...\.....\SSDT.exe
......\...\.....\SSDT.ilk
......\...\.....\SSDT.obj
......\...\.....\SSDT.pch
......\...\.....\SSDT.pdb
......\...\.....\SSDT.res
......\...\.....\SSDT.sbr
......\...\.....\SSDT.sys
......\...\.....\vc60.idb
......\...\.....\vc60.pdb
......\...\fzu.bmp
......\...\fzubackground.bmp
......\...\IOCTL.h
......\...\newsysmon.bmp
......\...\office2007_af.urf
......\...\resource.h
......\...\SSDT.APS
......\...\SSDT.CPP
......\...\SSDT.dsp
......\...\SSDT.dsw
......\...\SSDT.h
......\...\SSDT.ico
......\...\SSDT.ncb
......\...\SSDT.opt
......\...\SSDT.plg
......\...\SSDT.RC
......\...\sysmon.bmp
......\...\TOOLBAR.BMP
......\SYS\buildchk_wxp_x86.log
......\...\buildchk_wxp_x86.wrn
......\...\IOCTL.h
......\...\MAKEFILE
......\...\objchk_wxp_x86\i386\ssdt.obj
......\...\..............\....\_objects.mac
......\...\SOURCES
......\...\SSDT.c
......\...\sys\i386\SSDT.pdb
......\...\...\....\SSDT.sys
ReadMe.txt
源代码\SYS\objchk_wxp_x86\i386
......\...\sys\i386
......\CUI\Debug
......\SYS\objchk_wxp_x86
......\...\sys
......\CUI
......\SYS
源代码