Wednesday, June 8, 2011

PowerTool 4.1 Update! (2011.10.01)


PowerTool is a free anti-virus & rootkit utility. It lets you detect, analyze and fix various kernel structure modifications, and gives you a broad view of the kernel.

Project Home

Download

IThurricane (Maker) Blog


* Requires Microsoft Visual C++ 2008 - Microsoft Visual C++ 2008 Redistributable Package (x86) - http://goo.gl/yoTz


* Supports the following 32-bit Windows versions: Windows XP/Windows 2003/Vista/Windows 7


Update Log

2011-10-01 PowerTool V4.1

Added:
1. Detects BMW/Mebromi and other Award BIOS rootkits, and shows some BIOS information

Improvements:
1. Fixed a bug where the program crashed on some machines when detecting infected drivers and the kernel entry point
2. Fixed a bug where the driver could not be loaded when the program was run again after a crash
3. Fixed incorrect vendor information in offline file analysis, and added signature checks





Anti-Rootkit Tool : XueTr 0.41 Update! (2011.06.26)

Homepage - http://www.xuetr.com

Download - http://xuetr.com/download/XueTr.zip

A powerful manual anti-virus tool that supports the 32-bit Windows 2000, XP, 2003, Vista, 2008, and Windows 7 operating systems.


It currently implements the following functions:
1. View process, thread, process module, process window, process memory, timer, and hotkey information; kill processes, kill threads, unload modules, and other functions
2. View kernel driver modules, with support for copying kernel driver module memory
3. View SSDT, Shadow SSDT, FSD, KBD, TCPIP, Classpnp, Atapi, Acpi, SCSI, IDT, and GDT information; detect and restore SSDT hooks and inline hooks
4. View CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego, and other Notify Routine information, with support for removing these Notify Routines
5. View port information (Windows 2000 is not currently supported)
6. View message hooks
7. Kernel module IAT, EAT, inline hook, and patch detection and recovery
8. Disk, volume, keyboard, and network-layer filter driver detection, with support for deletion
9. Registry Editor
10. Process IAT, EAT, inline hook, and patch detection and recovery
11. File system view, with support for basic file operations
12. View (edit) IE plug-ins, SPI, startup items, services, the hosts file, image hijacks, file associations, system firewall rules, and IMEs
13. ObjectType hook detection and recovery
14. DPC timer detection and removal
15. MBR rootkit detection and repair
16. Kernel object hijack detection
17. WorkerThread enumeration
 
Disclaimer: This is a small free helper tool. If your use of this tool directly or indirectly leads to loss or damage, I am not responsible. From the moment you use this gadget, you will be deemed to have accepted this disclaimer.

Saturday, June 4, 2011

COMODO Cleaning Essentials 1.7.192479.98 Released!

Source: Comodo Cleaning Essentials (CCE) + KillSwitch - CCE -
https://forums.comodo.com/comodo-cleaning-essentials-cce-killswitch-cce/comodo-cleaning-essentials-1719247998-released-t73240.0.html

CCE (COMODO Cleaning Essentials) has been officially released. (2011.03.23)

CCE (COMODO Cleaning Essentials) detects malicious files on a PC by scanning with Comodo Antivirus, Camas (Comodo Instant Malware Analysis), and DACS.

It is portable (usable without installation), can scan the MBR as well as hidden files and registry entries, including rootkits, and includes a powerful file removal feature.

CCE includes a process management tool called 'Killswitch'. It is built on Process Hacker and includes the DACS feature, which helps in removing malicious processes.

What is Comodo DACS (Distributed and Collaborative Scanning)? - http://4savit.blogspot.com/2011/02/comodo-dacs-distributed-and.html

What's new in CCE 1.7.192479.98?
IMPROVED: More powerful disk access method which can detect tough hidden rootkits
IMPROVED: Latest anti-virus engine integrated
FIXED: Hidden services FP under certain circumstance
FIXED: CCE can now detect and remove all TDL3/4 rootkits
FIXED: CCE hangs before system restarts in x64 system

Download Locations:

http://download.comodo.com/cce/download/setups/cce_1.6.183539.73_x32.zip
http://download.comodo.com/cce/download/setups/cce_1.6.183539.73_x64.zip


Comodo Cleaning Essentials RC Test (languy99) - http://www.youtube.com/watch?v=fdQQktHSUEU