Sunday, November 02, 2008

SysProt AntiRootkit v1.0.0.6 released!

Here comes the latest version of SysProt AntiRootkit, with various improvements over the previous version. Following list summarizes the improvements in SysProt AntiRootkit v1.0.0.6:
  • Improved hidden drivers and services detection
  • Improved driver/service disabling feature
  • Improved process killing mechanisms
  • Added DLLs view for processes (double-click on a process to see loaded DLLs)
  • Brand new hidden and locked files/folder scanning
  • Color coded display (hidden items are displayed in red color)
  • Ability to filter the display to show only hidden items
  • Various optimizations in driver for better performance and stability

Here are some screenshots which show SysProt AntiRootkit v1.0.0.6 in action:
Processes view:


DLLs of a process:


Hidden drivers:


Hidden and locked files:


SSDT hooks:

Download SysProt AntiRootkit v1.0.0.6 from MajorGeeks. Feedback is welcome :)

3 Comments:

Anonymous Anonymous said...

I think you need to have some instructions. Not everyone that will use/need your program is a computer security geek. A help file/explanation of the function/operation of each tab component might be helpful.

Good job--it's getting better!

RWS

10:12 AM  
Blogger swatkat said...

Hi RWS,

Glad you liked the tool! Thanks for the suggestions! I am working on help file for the tool :) Will be releasing it soon!

12:02 PM  
Anonymous Anonymous said...

Hey Swatkat,
The file available on the link to download Sysprot that you have given has got few kachchings.
1)No Orange-Logo is getting displayed in the first tab.
2)The File system scan displays a dialog while scanning which uses negative logic, i mean "press OK to stop!!"; its human tendency to press OK carelessly, than compared to STOP; OK is less warning. For a message "Scanning can be stopped by pressing the button", which of these buttons will you press OK, STOP or CANCEL?

Yours...
OcDex

11:01 PM  

Post a Comment

<< Home