I agree with RootkitRevealer from Sysinternals is another good one. A sweep reveals how well embedded SSM is stationed as defense on my machines.
Found the ENGLISH version of Ice Sword for you guys in case you haven't seen it yet. Let's see some more opinions.
SYSTEM SERVICE DESCRIPTOR TABLE is a section you will want to see also.
http://www.google.com/url?sa=D&q=http://www.xfocus.net/tools/200509/IceSword_en1.12.rarI'm going to release some Trojan Simulators and also the Hide Folders & Files (hff.exe) to my units in examinations.
Not quite ready yet to drop in any virus in testing untill
SYSTEM SAFETY MONITOR is been fully configured on my boxes.
I do however suggest you download and give this program a try. It's in it's final day of Beta today and will be tentitively scheduled for release commercially Feb14 Valentine's Day.
It's an intensive rules-based ALL process and ALL applications and services Live Monitor that intercepts any and all calls before they are responded to by Windows, this includes critical Registry Keys and subs! Looks very effective and in testing on my boxes is so far proved 100% security.
Personally i don't feel it gets any better than this for full protection but any comments will definitely warrant attention.
FINAL! BETA 559 DUE FOR RELEASE TODAY!I might add in my defense testing i also employ a really effective and low hit on the systems live directory monitor.
The program itself is about 4 years old when it was beta which it seems to been left at and abandoned.
It automatically is hard coded to monitor the hosts file while it watches for changes in real time to any folder you set in it, (mine is System32).
Only for Windows XP, 2000 and NT.FILE CHANGE ALARMWorking in combo with SSM it's adds and indeed seals your security tight!
Here is another very good read when you find time:
http://www.security.org.sg/code/kproccheck.html
