Sunday, March 08, 2009

SysProt AntiRootkit v1.0.0.9 released

Here's the latest version of SysProt AntiRootkit. SysProt AntiRootkit v1.0.0.9 now supports Windows Vista (32-bit)! Check out a few screenshots that show SysProt AntiRootkit in action:

Kernel modules:



SSDT hooks:



Kernel inline hooks:

The following list summarizes the changes in SysProt AntiRootkit v1.0.0.9:
  • Added Windows Vista support
  • Improved device driver detection
  • Faster "Kernel Hooks" scan
  • Faster "Ports" scan
The latest version can be downloaded from here. Supported operating systems are Windows 2000/XP/2003/Vista, 32 bit versions. Feedback is welcome :)

3 Comments:

Anonymous said...

FreewareGeeks.com mirror:

http://www.freewaregeeks.com/?page=detail&get_id=865&category=64

1:58 PM  
Anonymous said...

This is a great rootkit identifying and removal program. But there is a problem: there seems to be no database to list and define bad vs. good Ntoskrnl.exe kernel hooks. For example, SysProt listed 391 Ntoskrnl.exe hooks on my Win-XP build. Granted, I have a LOT of third-party software installed, but the issue here is there is no association of, say, hooked function "ZWUnlockFile" with what program is associated with the hooking of Ntoskrnl.exe.

This is confusing and bad for anyone using this utility, as clicking that "Fix Hook" tab could in fact screw your Windows build totally up.

***************************
So this post is directed to the programmers of SysProt AntiRootkit: please either make a database available to users that defines what are BAD vs. GOOD kernel hooks
****************************
Thanks

1:07 AM  
swatkat said...

@FreewareGeeks,
Thanks for FreewareGeeks mirror!

@2nd comment,
I will try to add a whitelist kind of feature to SysProt. Thanks for the feedback.

9:46 PM  
