Description:
1. Message hook monitoring: lists the message hooks installed on the system.
2. Module load monitoring: lists all kernel modules loaded on the system.
3. SSDT monitoring: obtains the original SSDT addresses to find API hooks placed by malicious programs, and restores the SSDT.
4. Registry protection: protects some important registry items against modification by malicious programs.
5. Hidden process detection: detects hidden processes on the system.
6. Hidden port detection: detects hidden ports on the system.
7. Forced process termination: kills malicious processes that protect themselves against termination.
File list (Check if you may need any files):
源代码\CUI\appface.dll
......\...\AppFace.h
......\...\appface.lib
......\...\appfaceu.lib
......\...\BITMAP1.BMP
......\...\Debug\appface.dll
......\...\.....\office2007_af.urf
......\...\.....\SSDT.exe
......\...\.....\SSDT.ilk
......\...\.....\SSDT.obj
......\...\.....\SSDT.pch
......\...\.....\SSDT.pdb
......\...\.....\SSDT.res
......\...\.....\SSDT.sbr
......\...\.....\SSDT.sys
......\...\.....\vc60.idb
......\...\.....\vc60.pdb
......\...\fzu.bmp
......\...\fzubackground.bmp
......\...\IOCTL.h
......\...\newsysmon.bmp
......\...\office2007_af.urf
......\...\resource.h
......\...\SSDT.APS
......\...\SSDT.CPP
......\...\SSDT.dsp
......\...\SSDT.dsw
......\...\SSDT.h
......\...\SSDT.ico
......\...\SSDT.ncb
......\...\SSDT.opt
......\...\SSDT.plg
......\...\SSDT.RC
......\...\sysmon.bmp
......\...\TOOLBAR.BMP
......\SYS\buildchk_wxp_x86.log
......\...\buildchk_wxp_x86.wrn
......\...\IOCTL.h
......\...\MAKEFILE
......\...\objchk_wxp_x86\i386\ssdt.obj
......\...\..............\....\_objects.mac
......\...\SOURCES
......\...\SSDT.c
......\...\sys\i386\SSDT.pdb
......\...\...\....\SSDT.sys
ReadMe.txt
源代码\SYS\objchk_wxp_x86\i386
......\...\sys\i386
......\CUI\Debug
......\SYS\objchk_wxp_x86
......\...\sys
......\CUI
......\SYS
源代码