XueTr, the well-known anti-rootkit detection tool, has been renamed and re-released.
The new name is PC Hunter.
The old XueTr program did not support 64-bit, so I had been waiting for that, and it turns out it has already been released under the new name.
- PC Hunter download: http://down.epoolsoft.com/pchunter/PCHunter_free.zip
The 1.1 update includes the following changes.
Supported OS:
Windows 2000 SP4 (32-bit only)
Windows XP (32-bit only)
Windows Server 2003 (32-bit only)
Windows Vista (32-bit only)
Windows Server 2008 (32-bit only)
Windows 7 (32/64)
Windows 8 (32/64)
Feature improvements:
1. View processes, threads, process modules, process windows, and process memory; kill processes, kill threads, and unload modules
2. Kernel driver module view, with support for copying the memory of a kernel driver module
3. SSDT, Shadow SSDT, FSD, KBD, TCPIP, Classpnp, Atapi, Acpi, SCSI, IDT, and GDT views, with detection and restoration of SSDT hooks and inline hooks
4. CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, and Lego notify routine views, with support for deleting these notify routines
5. Port view (not currently supported on Windows 2000)
6. Message hook view
7. Kernel module IAT, EAT, inline hook, and patch detection and recovery
8. Disk, volume, keyboard, and network layer filter driver detection, with support for deletion
9. Registry editor
10. Process IAT, EAT, inline hook, and patch detection and recovery
11. File system view, with support for basic file operations
12. View (edit) IE plug-ins, SPI, startup items, services, Hosts file, image hijacking, file associations, system firewall rules, and IME
13. ObjectType hook detection and recovery
14. DPC timer
15. MBR rootkit detection and repair
16. Kernel object hijacking detection
17. WorkerThread enumeration
18. Enumeration of some NDIS callback information
19. Hardware debug register and debug API detection
20. Enumeration of SFilter / Fltmgr callbacks
21. System user name detection