
Locked best Σ protections and analyze ✔



KeyScrambler Personal 2.6 + serial


 

1. OPTIONS -- "General"

KeyScrambler is on by default. To turn off the program, simply uncheck "Enable KeyScrambler Protection," or use the On/Off Hot Key to toggle.

2. OPTIONS -- "Display"

The user interface and the tray icon are set by default to appear on your computer screen. If you wish to hide them from sight, simply unselect "Both".

3. OPTIONS -- "Update"

"Automatically Check for New Versions" is chosen by default. To turn off, simply unselect it.

4. OPTIONS -- "Advanced"

The default setting for "Support East Asian languages Input" is off. Check it to turn it on.

 


 

The Crucial Path in the Operating System

When you try to do something online, for example access your checking account on your bank's website, your keystrokes travel along a path in the operating system to reach the destination application. At many places along this path, malware can be physically or remotely planted by cyber criminals to intercept your keystrokes so they can steal your user name and password, which is why keystroke logging (keylogging) poses such a serious threat and is a thorny problem to solve.

KeyScrambler secures your keystroke data through the crucial path. How does it work?

As you're typing on the keyboard, KeyScrambler is simultaneously encrypting your keystrokes at the keyboard driver level. Because KeyScrambler is located in the kernel, deep in the operating system, it is difficult for keyloggers to bypass the encryption.

As the encrypted keystrokes travel along the crucial path, it doesn't matter if they get logged, or whether the keyloggers are known or brand new, because your keystrokes are completely indecipherable the whole time.

When the encrypted keystrokes finally arrive at the destination app, the decryption component of KeyScrambler goes to work, and you see exactly the keys you've typed.

 

 

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

AnVir Task Manager


 

 

Overview

AnVir Task Manager controls everything running on the computer; it helps to enhance and accelerate Windows as well as remove viruses. Here you see the main window, which has five tabs: startup, applications, processes, services, and log. The startup window shows programs that run when Windows loads. AnVir Task Manager notifies the user when any program tries to add itself to Windows startup. The processes window replaces Windows Task Manager, providing full information on the running processes. The services window helps manage services. You can open the detailed information panel. Tweaker helps tweak Windows. AnVir Task Manager places icons that monitor the processor, disk, memory, network, and notebook battery in the system tray. It also adds useful commands to the standard window menu, which is accessible in each program by right clicking. For example, you can hide any window to the tray. AnVir Task Manager adds the list of recently used folders to "Open file" and "Save file" dialogs. Now let's see a more detailed review of the program.

Main window

Startup

The startup window shows programs that run when Windows loads. Services and Internet Explorer toolbars. Recently added programs. Remove the program from Windows startup. Stop the process and add the program to the startup guard list. From now on, this program will be removed from startup when it tries to run on Windows startup. Add the program to the delayed startup. Programs in the delayed startup list are loaded one minute after Windows startup. This allows you to begin using the computer without waiting for Windows to load all startup applications. The startup window helps detect viruses and spyware. If you see a suspicious program, open the detailed information panel. Here you can see the description of the program from the knowledge base and the security analysis of the program. You can send the suspicious program to virustotal.com, where antivirus engines check the program.

Processes

The processes window replaces Windows Task Manager. It shows full information on the running processes as well as security analysis for each process. It also helps detect viruses and spyware. Startup. Disk usage. You can see which process loads a disk. Network usage: amount of traffic and download speed. An icon in the system tray, created by the process. Full path to the file. Other columns. The detailed information panel shows the security analysis. Loaded dlls. Files used by the process. Network connections of the selected process and of all processes. Performance graphs. Installed drivers.

Services

Services are the programs that run in the background. You can see full information on the services. You can stop or start a service, change its start type, and check it at virustotal.com. For services, you can see information from the knowledge base and the security analysis. For Windows services, you can see default and recommended start types.

Log

The log shows the start and termination of processes.

Removal of viruses and control of Windows startup

Now I will intentionally infect the computer with a virus. AnVir Task Manager monitors startup and notifies me when a virus tries to infect the computer. The virus has registered two files; AnVir Task Manager notes both. Opening the main window, we can see the detailed security analysis for each file. Suspicious files are marked in red. We can see that the first file is found in the knowledge base of dangerous programs. The file has settled in the system folder, which creates serious suspicion. The file contains no company name, which is characteristic of viruses. We can see the name of the virus in the second file. The file has created two visible icons in the system tray which reduces the security risk. Now I'll cure the infected computer. Remove a key from startup. This program should be deleted automatically. Terminate the process of the virus and remove virus file. The computer is cured! Startup guard automatically deletes unnecessary or harmful programs from the startup.

Windows enhancements

Tray icons

AnVir Task Manager places a few icons on the system tray. Loading of each processor. Processes that use a processor the most. Loading and temperature of disks. Processes that load disks. A network icon. Upload and download speed. Memory usage. Processes that use the most memory.

System menu extensions

AnVir Task Manager adds useful commands to standard window menu, which is accessible in each program by right clicking. Pin any window on top. Hide any window in the system tray and save place on the taskbar. Restore it from the tray. Create a floating icon for any window. Change transparency. Change the priority of a process. Save the priority. From now on, each time the process starts, its priority is automatically changed. Set the standard size of a window.

Extension of "Open file" and "Save file" dialogs

AnVir Task Manager adds a list of recently used folders to the "Open file" and "Save file" dialogs, helping users access the necessary folders. Add this folder to favorites.

Tweaker

Tweaker is a program for tweaking Windows. Tweaker sets up both standard and hidden parameters of Windows. There are more than a hundred parameters.

Vista icons on Windows XP

On Windows XP, AnVir Task Manager shows a drive's free space using a colored horizontal bar in Windows "My Computer."

Balancing processor utilization

AnVir Task Manager lowers the priority of background processes when they completely load the processor. Here I am starting a long calculation process. The calculator completely loads the processor. AnVir Task Manager sets a low priority for the process. When I finish the calculation, the priority is returned to the normal level.

 

Startup


 

The Startup window contains the following items:

 

Programs that run on Windows startup, or on user login.

Non Microsoft services that run on Windows startup.

Internet Explorer extensions: browser helper objects, toolbars, menu items.

 

The Processes window lets you monitor and manage running processes.

 

The Log window monitors the following system events:

 

Processes created

Processes terminated

Windows created

The Services window contains a list of all system services.

 

video Tutorial :http://www.anvir.com/tutorial/


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

Sandboxie 3.61.04 + patch

 

 


 

Sandboxie is a proprietary sandbox-based isolation program developed by Ronen Tzur, for 32-bit Windows NT-based operating systems. It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. An isolated virtual environment allows controlled testing of untrusted programs and web surfing.

 

 

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. When you run a program on your computer, data flows from the hard disk to the program via read operations. The data is then processed and displayed, and finally flows back from the program to the hard disk via write operations. Sandboxie changes the rules such that write operations do not make it back to your hard disk.

 

• Intercepts changes to both your files and registry settings, making it virtually impossible for any software to reach outside the sandbox.

• Traps cached browser items into the sandbox as a by-product of normal operation, so when you throw away the sandbox, all the history records and other side-effects of your browsing disappear as well.

 

Benefits of the Isolated Sandbox:

• Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.

• Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.

• Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.

• Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

 

Translations: The following languages can be selected during installation: English, Albanian, Chinese (Simplified and Traditional), Czech, Finnish, French, German, Italian, Japanese, Korean, Polish, Portuguese (Brasil), Russian and Turkish.

 

OS : Win XP/2000/Vista/Win 7

Language : Multilanguage

 

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

FileAlyzer 2.0.5.57

 


 

FileAlyzer is a tool to analyze files - the name itself was initially just a typo of FileAnalyzer, but after a few days I decided to keep it. FileAlyzer allows a basic analysis of files (showing file properties and file contents in hex dump form) and is able to interpret common file contents like resources structures (like text, graphics, HTML, media and PE).

 

Using FileAlyzer is as simple as viewing the regular properties of a file - just right-click the file you want to analyze and choose Open in FileAlyzer.

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

SysAnalyzer

 


 

SysAnalyzer is an application that was designed to give malcode analysts an automated tool to quickly collect, compare, and report on the actions a binary took while running on the system.

 

The main components of SysAnalyzer work off of comparing snapshots of the system over a user specified time interval. The reason a snapshot mechanism was used compared to a live logging implementation is to reduce the amount of data that analysts must wade through when conducting their analysis. By using a snapshot system, we can effectively present viewers with only the persistent changes found on the system since the application was first run.

 

While this mechanism does help to eliminate a lot of the possible noise caused by other applications, or inconsequential runtime nuances, it also opens up the possibility for missing key data. Because of this, SysAnalyzer also gives the analyst the option to include several forms of live logging into the analysis procedure.

 

When first run, SysAnalyzer will present the user with the following configuration wizard:

 

 

 

The executable path textbox represents the file under analysis. It can be filled in either by

 

Dragging and dropping the target executable on the SysAnalyzer desktop icon

Specifying the executable on the command line

Dragging and Dropping the target into the actual textbox

Using the browse for file button next to the textbox

 

Once this is done, the user can specify the following options to be used for the analysis:

 

Delay - time in seconds between before and after snapshots

Sniff Hit - whether to launch a specialized http/irc sniffer for analysis

Api Logger - whether to inject an API logging DLL into the target

Directory Watcher - whether to monitor filesystem for all file creation activities

 

These options are saved to a configuration file and do not need to be entered each time. Note that users can also select the "Skip" link in order to proceed to the main interface where they can manually control the snapshot tools.

 

Once these options are filled in and the user selects the "Start button" the options will be applied, a base snapshot of the system taken, and the executable launched.

 

Note: SysAnalyzer is not a sandboxing utility. Target executables are run in a fully live test on the system. If you are testing malicious code, you must realize you will be infecting your test system.

 

SysAnalyzer is designed to take snapshots of the following system attributes:

 

Running processes

Open ports and associated process

Dlls loaded into explorer.exe and Internet Explorer

System Drivers loaded into the kernel

Snapshots of certain registry keys

 

Each logged category is stored on its own tab in the main interface. The report link to the bottom right of the main interface can conglomerate all of this log data and place it into a simple text report for the user.

 

 

 

Some tabs have their own options, buttons, and right click menus such as the running process tab shown above. Users are encouraged to explore the interface and its different settings. They should all be straightforward and will not be discussed more in depth here.

 

If the user pressed the Start button on the wizard interface, a label on the main form will display a count down before the "after" snapshot is taken and analysis concludes.

 

When the timer reaches 0, the second snapshot will be taken, and the diff report displayed in the main interface. If only one new process is found to be running, process analyzer will be launched to analyze it specifically. If more than one process is found, then a brief message will display instructing you to select the process you wish to analyze further and to use the "Analyze Process" button to view more details on it.

 

Bugs: - app primarily tested and developed on Win2k, still possible sporadic bug under XP where it crashes trying to enumerate process ports. Crash seems to be caused by calling NtDeviceIoControlFile in rapid succession. Will work on it more when time opens up.

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

easy file locker

 


 

This free privacy program lets you hide and lock your most sensitive files and folders, but we found its user interface counterintuitive and lacking password protection.

 

Easy File Locker has a very plain user interface. The black-on-white command buttons aren't the least bit eye-appealing. But more importantly, the large blank window gives the impression that you can drag and drop files, but that proved not to be the case when we tried it. When we selected the add file button, a window appeared with boxes already checked to allow access and visibility to files, as well as the capability to write and delete them. We assumed that unchecking the boxes would turn off their respective functions, but doing so did just the opposite. Once we got used to the interface, the program worked as promised, but without any password protection, our changes were vulnerable to anyone with access to our PC.

 

Despite being freeware, this tool doesn't offer much in terms of privacy. If you're looking for a secure way to hide or lock your files, we recommend that you keep looking. It left no traces on our PC when we uninstalled it.

 

Read more: Easy File Locker - Free software downloads and software reviews - CNET Download.com


 

 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

Process Explorer

 


 

Introduction

 

Ever wondered which program has a particular file or directory open? Now you can find out.

Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

Autoruns

 


 

 

Introduction

 

This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.

 

Autoruns' Hide Signed Microsoft Entries option helps you to zoom in on third-party auto-starting images that have been added to your system and it has support for looking at the auto-starting images configured for other accounts configured on a system. Also included in the download package is a command-line equivalent that can output in CSV format, Autorunsc.

 

You'll probably be surprised at how many executables are launched automatically!


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

TDSSKiller

 


 

A rootkit is a program or a program kit that hides the presence of malware in the system.

 

A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions. Moreover, it can hide the presence of particular processes, folders, files and registry keys. Some rootkits install their own drivers and services in the system (they also remain "invisible").

 

Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits.

IMPORTANT

The utility has a graphical interface.

The utility supports 32-bit and 64-bit operating systems.

The utility can be run in Normal Mode and Safe Mode.

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

GMER

 


 

 

GMER is an application that detects and removes rootkits.

 

It scans for:

* Hidden processes

* Hidden threads

* Hidden modules

* Hidden services

* Hidden files

* Hidden Alternate Data Streams

* Hidden registry keys

* Drivers hooking SSDT

* Drivers hooking IDT

* Drivers hooking IRP calls

* Inline hooks

 

 

GMER also lets you monitor the following system functions:

* Processes creating

* Drivers loading

* Libraries loading

* File functions

* Registry entries

* TCP/IP connections

 

GMER runs on Windows NT/W2K/XP/VISTA

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

Process Hacker


 

 

 

A very incomplete feature list for Process Hacker 2:

Processes

• View processes in a tree view with highlighting

• View detailed process statistics and performance graphs

• Process tooltips are detailed and show context-specific information

• Select multiple processes and terminate, suspend or resume them

• (32-bit only) Bypass almost all forms of process protection

• Restart processes

• Empty the working set of processes

• Set affinity, priority and virtualization

• Create process dumps

• Use over a dozen methods to terminate processes

• Detach processes from debuggers

• View process heaps

• View GDI handles

• Inject DLLs

• View DEP status, and even enable/disable DEP

• View environment variables

• View and edit process security descriptors

• View image properties such as imports and exports

Threads

• View thread start addresses and stacks with symbols

• Threads are highlighted if suspended, or are GUI threads

• Select multiple threads and terminate, suspend or resume them

• Force terminate threads

• View TEB addresses and view TEB contents

• (32-bit only) Find out what a thread is doing, and what objects it is waiting on

• View and edit thread security descriptors

Tokens

• View full token details, including user, owner, primary group, session ID, elevation status, and more

• View token groups

• View privileges and even enable, disable or remove them

• View and edit token security descriptors

Modules

• View modules and mapped files in one list

• Unload DLLs

• View file properties and open them in Windows Explorer

Memory

• View a virtual memory list

• Read and modify memory using a hex editor

• Dump memory to a file

• Free or decommit memory

• Scan for strings

Handles

• View process handles, complete with highlighting for attributes

• Search for handles (and DLLs and mapped files)

• Close handles

• (32-bit only) Set handle attributes - Protected and Inherit

• Granted access of handles can be viewed symbolically instead of plain hex numbers

• View detailed object properties when supported

• View and edit object security descriptors

Services

• View a list of all services

• Create services

• Start, stop, pause, continue or delete services

• Edit service properties

• View service dependencies and dependents

• View and edit service security descriptors

Network

• View a list of network connections

• Close network connections

• Use tools such as whois, traceroute and ping

 


 

 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

XueTr

 


 

A powerful manual anti-virus tool that supports the 32-bit 2000, XP, 2003, Vista, 2008 and Win7 operating systems.

 

Author's QQ microblog: you are welcome to follow it; future XueTr updates will be released there.

 

This tool currently provides the following functions:

1. View process, thread, process module, process window, process memory, timer and hotkey information; kill processes, kill threads, unload modules and other functions

2. View kernel driver modules, with support for copying kernel driver module memory

3. View SSDT, Shadow SSDT, FSD, KBD, TCPIP, Classpnp, Atapi, Acpi, SCSI, IDT and GDT information; can detect and recover SSDT hooks and inline hooks

4. View CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego and other Notify Routine information, with support for removing these Notify Routines

5. View port information (not currently supported on Windows 2000)

6. View message hooks

7. Kernel module IAT, EAT, inline hook and patch detection and recovery

8. Disk, volume, keyboard and network layer filter driver detection, with support for deletion

9. Registry Editor

10. Process IAT, EAT, inline hook and patch detection and recovery

11. File system view, with support for basic file operations

12. View (edit) IE plug-ins, SPI, startup items, services, hosts file, image hijacks, file associations, system firewall rules, IME

13. ObjectType hook detection and recovery

14. DPC timer detection and removal

15. MBR rootkit detection and repair

16. Hijacked kernel object detection

17. WorkerThread enumeration

 

Disclaimer: This is just a small free utility. If your use of this tool directly or indirectly causes you loss or damage, I am not responsible. From the moment you use this tool, you are deemed to have accepted this disclaimer.

 

 


Download multi :http://www.multiupload.com/XGQ1TSYUP3

 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

Helios

 


 

Helios is an advanced malware detection system. This downloadable version is a technology showcase; however, it is under development to become a full enterprise-level solution for managing malware. This includes centralized monitoring, system snapshots, etc.

Helios has been designed to detect, remove and inoculate against modern rootkits.

What sets it apart from conventional antivirus / antispyware products is that it is not based on a database of known signatures.

We believe that malware, by definition, has to perform malicious actions on the system. By observing software as it performs malicious behavior, malware can best be detected. Thus Helios uses a behavior analysis engine in place of signatures. The advantage of this is that we catch malware that is "unknown" in nature, or for which signature-based products do not have a signature definition.

NOTE: Helios requires Microsoft .NET Framework 2.0 to be installed. Helios Lite does not need to be installed.

 


 

Download:

The latest version of Helios can always be found at the following URL: http://helios.miel-labs.org/downloads/Helios.zip

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

Kernel Detective


 

Kernel Detective is a free tool that helps you detect, analyze, manually modify and fix some Windows NT kernel modifications. Kernel Detective gives you direct access to the kernel, so it is not oriented towards newbies. Changing essential kernel-mode objects without enough knowledge will lead you to only one result ... BSoD !

Supported NT versions :

XP/Vista/Server 2008/SEVEN

 

Kernel Detective gives you the ability to:

1- Detect Hidden Processes.

2- Detect Hidden Threads.

3- Detect Hidden DLLs.

4- Detect Hidden Handles.

5- Detect Hidden Drivers.

6- Detect Hooked SSDT.

7- Detect Hooked Shadow SSDT.

8- Detect Hooked IDT.

9- Detect Kernel-mode code modifications and hooks.

10- Disassemble (Read/Write) Kernel-mode/User-mode memory.

11- Monitor debug output on your system.

 

Enumerate running processes and print important values like Process Id, Parent Process Id, ImageBase, EntryPoint, VirtualSize, PEB block address and EPROCESS block address. Special undocumented detection algorithms were implemented to detect hidden processes.

Detect hidden and suspicious threads in the system and allow the user to forcibly terminate them.

Enumerate the Dynamic-Link Libraries of a specific running process and show every DLL's ImageBase, EntryPoint, Size and Path. You can also inject or free a specific module.

Enumerate the open handles of a specific running process, show every handle's object name and address, and give you the ability to close the handle.

Enumerate loaded kernel-mode drivers and show every driver's ImageBase, EntryPoint, Size, Name and Path. Undocumented detection algorithms were implemented to detect hidden drivers.

Scan the system service table (SSDT) and show every service function address and the real function address; the detection algorithm was improved to bypass KeServiceDescriptorTable EAT/IAT hooks. You can restore a single service function address or restore the whole table.

Scan the shadow system service table (Shadow SSDT) and show every shadow service function address and the real function address. You can restore a single shadow service function address or restore the whole table.

Scan the interrupt table (IDT) and show every interrupt handler's offset, selector, type, attributes and real handler offset. This is applied to every processor in a multiprocessor machine.

Scan the important system kernel modules, detect modifications in their bodies and analyze them. For now it can detect and restore inline code modifications, EAT and IAT hooks. I'm looking to add more types of hooks in the next releases of Kernel Detective.

A nice disassembler that relies on the OllyDbg disasm engine; thanks to Oleh Yuschuk for publishing your nice disasm engine. With it you can disassemble, assemble and hex edit the virtual memory of a specific process or even the kernel space memory. Kernel Detective uses its own Read/Write routines from kernel-mode and doesn't rely on any Windows API. That makes Kernel Detective able to R/W a process's VM even if NtReadProcessMemory/NtWriteProcessMemory is hooked, and it also bypasses hooks on other important kernel-mode routines like KeStackAttachProcess and KeAttachProcess.

Show the messages sent by drivers to the kernel debugger, just like Dbgview by Mark Russinovich. It does this by hooking interrupt 0x2d, which is responsible for outputting debug messages. Hooking interrupts may cause problems on some machines, so DebugView is turned off by default; to turn it on you must run Kernel Detective with the "-debugv" parameter.

 

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

 

Wireshark

 


 

Features

 

Wireshark has a rich feature set which includes the following:

 

Deep inspection of hundreds of protocols, with more being added all the time

Live capture and offline analysis

Standard three-pane packet browser

Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others

Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility

The most powerful display filters in the industry

Rich VoIP analysis

Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others

Capture files compressed with gzip can be decompressed on the fly

Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)

Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2

Coloring rules can be applied to the packet list for quick, intuitive analysis

Output can be exported to XML, PostScript®, CSV, or plain text

 

Video tutorials:

1- Introduction To Wireshark: Learn how to get up and running with Wireshark.

2- Custom Wireshark Shortcuts: Start capturing quickly with a custom shortcut.

 

 


ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 


 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 


Notes:

Don't forget:

1- Antivirus / internet security

2- Firewall

3- Deep Freeze, or something like that

4- Virtual machine: VMware

 

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

 

by Cybergate

Edited by SP