Exetools  

Go Back   Exetools > General > x64 OS

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-02-2013, 00:09
exeu
 
Posts: n/a
ARK for WINDOWS x64: WIN64AST(with digital signature)

WIN64AST is an ARK/Advanced System Tool for Windows x64.
This software can manage some kernel information on WINDOWS x64, you can use it to kill virus, assist debugging/programming or explore windows kernel.
I am the Author. Welcome to use this tool.

Functions:
Manage Process(include Module/Thread/Handle/Window)
View Kernel Module
View/Disconnect Net Connection
Enum/Restore SSDT and SHADOW SSDT
Scan/Clear User mode and Kernel mode Inline hook
View/Delete Message Hook
View/Restore Driver Dispatch Function
View/Restore Kernel Object Routine Function
View/Delete Callback & Notify
Enum/Delete IO Timer
Enum/Delete DPC Timer
Enum MiniFilter/Disable MiniFilter callback function
Enum/Remove Filter Driver
Enum/Restore IDT
Enum GDT
Show value of special register(CR0/CR2/CR3/CR4/DR0/DR1/DR2/DR3/DR6/DR7)
Scan/Clear User mode EAT/IAT Hook
View/Backup/Restore MBR
Process Behavior Monitor
Edit(Disasm/Modify) Kernel Memory
Force Unlock/Delete File
Force Delete/Rename/Create RegKey & RegValue
Check digital signature of file

If you want to use this tool, you need to setup .NET Framework 4.0. Because the GUI of this tool is written by VB2010.

Edit 1: If you have opinions and suggestions, please tell me on below, send private message to me or send E-MAIL to tesla.angela@qq.com.
If you cannot download the attachment, you can download it on another forum: http://www.kernelmode.info/forum/viewtopic.php?f=11&t=1691

Edit 2: Microsoft .NET Framework 4 (Standalone Installer): http://www.microsoft.com/en-us/download/details.aspx?id=17718

Get new version: http://win64ast.m5home.com (Chinese)
Attached Files
File Type: rar WIN64AST_100_PREVIEW6_EN.rar (1.33 MB, 23 views)
Reply With Quote
The Following User Gave Reputation+1 to For This Useful Post:
chessgod101 (01-02-2013)
  #2  
Old 05-01-2013, 07:12
Sabor Sabor is offline
Friend
 
Join Date: Sep 2005
Posts: 68
Rept. Given: 0
Rept. Rcvd 3 Times in 3 Posts
Thanks Given: 0
Thanks Rcvd at 2 Times in 2 Posts
Sabor Reputation: 3
cool

cool ark , on minifilter drive no ability stop monitor?
Reply With Quote
The Following User Says Thank You to Sabor For This Useful Post:
nkhai64 (11-03-2023)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows 11: TPMs and Digital Sovereignty isdebuggerpresent General Discussion 15 07-04-2021 18:01
Remove signature from windows DLL? jonwil General Discussion 5 09-09-2020 14:58
Digital signature in network protocol nine General Discussion 3 07-25-2003 23:46


All times are GMT +8. The time now is 16:45.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )