Description: SSDT stands for System Services Descriptor Table. This table links the ring3 Win32 API to the ring0 kernel API. The SSDT is not just a large table of address indexes; it also contains other useful information, such as the base address of the address index and the number of service functions.
By modifying the function addresses in this table, Windows functions and APIs can be hooked in order to filter and monitor the system actions of interest. Some HIPS, antivirus, system monitoring and registry monitoring software often uses this interface to implement its own monitoring module.
At present a very small number of viruses do use this method to protect themselves or to disable antivirus software, but if the antivirus software can identify and remove such a virus before it gets into the system, the virus will have no opportunity to attack.
File list (Check if you may need any files):
SSDT
....\BIN
....\...\SSDT.sys
....\EXE
....\...\SSDT.cpp.bak
....\...\SSDT.h
....\...\SSDTLIB.cpp
....\IOCTL.h
....\SSDT
....\....\#prepack.bat
....\....\bin
....\....\...\SSDT.exe
....\....\...\SSDT.sys
....\....\...\SSDT2560.sys
....\....\...\SSDT4352.sys
....\....\Debug
....\....\Release
....\....\res
....\....\...\SSDT.ico
....\....\...\SSDT.rc2
....\....\resource.h
....\....\SSDT.APS
....\....\SSDT.clw
....\....\SSDT.cpp
....\....\SSDT.dsp
....\....\SSDT.dsw
....\....\SSDT.h
....\....\SSDT.opt
....\....\SSDT.rc
....\....\SSDT.rc.bak
....\....\SSDT.sys
....\....\SSDT2560.sys
....\....\SSDT4352.sys
....\....\SSDTDlg.cpp
....\....\SSDTDlg.cpp.bak
....\....\SSDTDlg.h
....\....\StdAfx.cpp
....\....\StdAfx.h
....\SSDT2
....\.....\BIN
....\.....\...\SSDT.sys
....\.....\...\SSDT查看恢复工具.exe
....\.....\EXE
....\.....\...\SSDT.cpp
....\.....\...\SSDT.h
....\.....\IOCTL.h
....\.....\SSDT查看恢复工具
....\.....\................\res
....\.....\................\...\SSDT查看恢复工具.ico
....\.....\................\...\SSDT查看恢复工具.rc2
....\.....\................\resource.h
....\.....\................\SSDT查看恢复工具.cpp
....\.....\................\SSDT查看恢复工具.dsp
....\.....\................\SSDT查看恢复工具.dsw
....\.....\................\SSDT查看恢复工具.h
....\.....\................\SSDT查看恢复工具.rc
....\.....\................\SSDT查看恢复工具Dlg.cpp
....\.....\................\SSDT查看恢复工具Dlg.h
....\.....\................\StdAfx.cpp
....\.....\................\StdAfx.h
....\.....\SYS
....\.....\...\MAKEFILE
....\.....\...\SOURCES
....\.....\...\SSDT.c
....\SYS
....\...\buildfre_wxp_x86.log
....\...\MAKEFILE
....\...\objfre_wxp_x86
....\...\..............\i386
....\...\..............\....\ssdt.obj
....\...\..............\....\ssdt.obj.oacr.root.x86fre.pft.xml
....\...\..............\....\_objects.mac
....\...\SOURCES
....\...\SSDT.c
....\...\SSDT.c.bak
....\...\sys
....\...\...\i386
....\...\...\....\SSDT.pdb
....\...\...\....\SSDT.sys
....\...\...\....\SSDT4352.sys