(The main functions of XueTr:
1. Process, thread, process module, process window, process memory, timer and hotkey information detection; killing processes, killing threads, unloading modules and other functions
2. Kernel driver module detection, with support for copying the memory of kernel driver modules
3. SSDT, ShadowSSDT, FSD, Keyboard, TCPIP, Classpnp, Atapi, Acpi, SCSI, Mouse, IDT and GDT information detection; can detect and restore SSDT hooks and inline hooks
4. CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego and other NotifyRoutine information detection, with support for deleting these NotifyRoutines
5. Port information detection (2000 systems are not currently supported); keyboard, network layer and other filter driver detection, with support for deletion
9. Registry modification
10. Process IAT, EAT, inline hook and patch detection and recovery
11. File system detection, with support for basic file operations; plugins, SPI, startup items, services, Hosts files, image hijacking, file associations, system firewall rules, IME
13. ObjectType hook detection and recovery
14. DPC timer detection and deletion
15. MBR rootkit detection and modification
16. Kernel target hijacking detection
17. Other functions required for manual virus removal, such as modifying LSP, modifying security mode, etc.
_rels\.rels
readme.txt
XueTr.config
XueTr.exe
XueTr User Manual.chm
description.txt
.....too many files .....)