|
ARK for WINDOWS x64: WIN64AST(with digital signature)
WIN64AST is an ARK/Advanced System Tool for Windows x64.
This software can manage some kernel information on WINDOWS x64, you can use it to kill virus, assist debugging/programming or explore windows kernel.
I am the Author. Welcome to use this tool.
Functions:
Manage Process(include Module/Thread/Handle/Window)
View Kernel Module
View/Disconnect Net Connection
Enum/Restore SSDT and SHADOW SSDT
Scan/Clear User mode and Kernel mode Inline hook
View/Delete Message Hook
View/Restore Driver Dispatch Function
View/Restore Kernel Object Routine Function
View/Delete Callback & Notify
Enum/Delete IO Timer
Enum/Delete DPC Timer
Enum MiniFilter/Disable MiniFilter callback function
Enum/Remove Filter Driver
Enum/Restore IDT
Enum GDT
Show value of special register(CR0/CR2/CR3/CR4/DR0/DR1/DR2/DR3/DR6/DR7)
Scan/Clear User mode EAT/IAT Hook
View/Backup/Restore MBR
Process Behavior Monitor
Edit(Disasm/Modify) Kernel Memory
Force Unlock/Delete File
Force Delete/Rename/Create RegKey & RegValue
Check digital signature of file
If you want to use this tool, you need to setup .NET Framework 4.0. Because the GUI of this tool is written by VB2010.
Edit 1: If you have opinions and suggestions, please tell me on below, send private message to me or send E-MAIL to tesla.angela@qq.com.
If you cannot download the attachment, you can download it on another forum: http://www.kernelmode.info/forum/viewtopic.php?f=11&t=1691
Edit 2: Microsoft .NET Framework 4 (Standalone Installer): http://www.microsoft.com/en-us/download/details.aspx?id=17718
Get new version: http://win64ast.m5home.com (Chinese)
|