Indetectables

This tool is currently achieve the following functions:

1. Processes, threads, process modules, process window, process memory, timer, hotkey information to view, kill the process, kill the thread, unload the module and other functions.

2. Kernel driver module view, to support the kernel driver module memory copy.

3. SSDT, Shadow SSDT, FSD, KBD, TCPIP, Classpnp, Atapi, Acpi, SCSI, IDT, GDT information view, and can detect and recover ssdt hook and inline hook.

4. CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego, etc. Notify Routine information view, and supports the removal of these Notify Routine.

5. Port information view, the current system does not support the 2000.

6. See the news hook.

7. Kernel modules iat, eat, inline hook, patches detection and recovery.

8. Disk, volume, keyboard, network layer filter driver detection, and supports the deletion of.

9. Registry Editor

10. Process iat, eat, inline hook, patches detection and recovery.

11. File system view, supports basic file operations.

12. View (edit) IE plug-in, SPI, startup items, services, Host files, image taking, file associations, system firewall rules, IME.

13. ObjectType Hook detection and recovery.

14. DPC timer to detect and remove.

15. MBR Rootkit detection and repair.

16. Hijacked kernel object detection.

17. WorkerThread enumeration.

Disclaimer: This is just a small tool to free aid, if you use this tool to you directly or indirectly caused the loss, damage, I am not responsible. Your use of the gadget from the moment, you are deemed to have accepted this disclaimer.