PC Hunter_1.53.zip

  • B2_732547
  • 6.8MB
  • zip
  • 0
  • VIP exclusive
  • 0
  • 2022-06-14 17:28
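PC Hunter is a powerful Windows system-information viewer and an aid for manual malware removal. It can display kernel files, driver modules, hidden processes, the registry and more, making it easy to obtain the relevant data.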
PC Hunter_1.53.zip
  • PCHunter32.exe
  • PCHunter64.exe
  • 说明.txt
  • readme.txt
PCHunter anti-rootkit is a free and handy toolkit for Windows with various powerful features for viewing and manipulating kernel structures. Running with the highest privileges, it lets you detect, analyze and restore various kernel modifications and gives you a wide view of the kernel. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.

PCHunter currently supports the following Windows versions:
  Windows 2000 SP4 (32-bit only)
  Windows XP (32-bit only)
  Windows Server 2003 (32-bit only)
  Windows Vista (32-bit only)
  Windows Server 2008 (32-bit only)
  Windows 7 (32/64)
  Windows 8 (32/64)
  Windows 8.1 (32/64)
  Windows 10 (32/64)

Currently, the following features are available:

*Process Manager
  View basic information about system processes and threads.
  Detect hidden processes, threads and process modules.
  Terminate, suspend and resume processes and threads.
  View and manipulate process handles, windows and memory regions.

*Kernel Module Viewer
  Display kernel module information including ImageBase, Size, Driver Object, ImagePath, ServiceName and Load Order.
  Detect hidden kernel modules.
  Unload kernel modules (dangerous).
  Dump kernel image memory.
  Display and delete system driver service information.

*Hook Detector
  View and restore SSDT, Shadow SSDT, sysenter and int2e hooks.
  View and restore FSD and keyboard dispatch hooks.
  View and restore kernel code hooks including kernel inline hooks, patches, IAT and EAT hooks.
  View and restore usermode process hooks including inline hooks, patches, IAT and EAT hooks.
  View and restore message hooks (both global and local).
  View and restore kernel ObjectType hooks.
  Display the Interrupt Descriptor Table (IDT).

*System Callback Viewer
  Display and remove Kernel Notifications (Process/Thread/Image/Registry/Lego/Shutdown/Bugcheck/FileSystem/Logon).

*Network Viewer
  Display current network connections, including the local and remote addresses and state of TCP connections.
  View and delete IE plugins and context menu entries.
  View and restore tcpip dispatch hooks.
  Display winsock providers (SPI).
  View and edit the hosts file.

*Filter Viewer
  View and remove filters for common devices including disk, volume, keyboard and network devices.

*Registry Viewer
  View and edit the system registry.
  Detect hidden registry entries using live registry hive analysis.

*File Explorer
  Detect hidden files using both disk analysis and driver methods.
  View and delete locked files and folders.
  View basic file information including NTFS Alternate Data Streams.

*Autorun Manager
  Display and delete common autorun entries.

*Service Manager
  Display Win32 service information (for Ring0 modules, it is included in Kernel Module Viewer).
  Change service status and configuration.

*DPC Timer
  Enumerate and delete DPC Timer objects.

*Miscellaneous
  View and repair common filetype associations.
  View and repair image hijacks.

*Settings
  Option to defend against process creation, thread creation, module load and message hook installation.
  Option to defend against file creation and registry key creation.
  Option to prevent system suspend, log-off, shutdown and reboot.
  Option to prevent locking the workstation and switching desktops.
  Option to prevent setting the system time.

Warning: Use it at your own risk. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
Commercial use of the free (standard) PCHunter version is forbidden.

2018-03-10 V1.53:
  *Support Win10 (BuildNumber: 16299)
  *Fixed a bug on x64 Win7 systems patched for Meltdown & Spectre.

2017-08-06 V1.52:
  *Support Win10 (BuildNumber: 15063)

2016-10-06 V1.51:
  *Support Win10 (BuildNumber: 14393)
  *Added disable LoadDriver feature for x64 systems
  *The free version no longer supports Windows 2000, XP, 2003 and Vista as of this version

2016-04-10 V1.5:
  *Support Win10 (BuildNumber: 10586)

2015-10-17 V1.4:
  *Support Win10 (BuildNumber: 10240)

2014-10-22 V1.35:
  *Fixed a bug in x86 Win8