[转载]Archon Scanner是一款spyware扫描工具
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])Archon Scanner is a whole new design for host security which is entirely different from traditional Anti-Spyware programs that uses Pattern-Matching approach and can only detect known Spyware. Archon’s Scan Engine utilizes an unique scanning algorithm known as Spyware Behavior Analysis Technology (SBAT), against modern sophisticated Spyware tricks; it can analyze malicious behavior of Spyware. This technology has a powerful capability of detecting all kinds of advanced stealth technique performed by malicious Spyware without any signature database. Archon Scanner achieves an excellent result in scanning and examining currently known or even those still unknown, malicious Spyware that might come up. Furthermore, Archon Scanner can compliment the weakness of general Anti-Spyware or Pattern-Matching Based HIDS to provide the best Anti-Spyware detecting solution for malicious software.
Key features of Archon Scanner:
Injected DLL Analysis:
Analyze the DLL-Injection Spyware or other masqueraded PE technologies.
API-Hooking Analysis:
Analyze all kind of System Global API Hooks in user mode, such as IAT, EAT, and Inline Hooking.
SSDT-Hooking Analysis:
Analyze SSDT Hook of kernel mode and detect the kernel-Mode Rootkit.
Hidden Process Analysis:
Analyze all kinds of hidden process.
Network Sniffer Analysis:
Analyze malicious network programs, such as Sniffer or Raw-Socket Spyware.
Please take note of the announcements on our web-site and update the latest Scan Engine. Archon Scanner also has auto-update feature. By connecting to Internet before starting Archon, Archon will automatically connect to our website and check the latest version. (It will send a HTTP Request to inform the latest version). There is no need to panic if warning is shown on your IDS, it is just a normal procedure.
Please pay special attention: Archon Trial Version does not provide additional consultations or educational trainings. Moreover, Trial Version can not be applied for any un-authorized business activities. Please test the Archon Trial Version on an insignificant computer. In case, unexpected damages occurred due to negligence for aforementioned special attentions, X-Solve wouldn’t be held liable for any loss.
During the trial period, we will appreciate any test reports or suggestions regardless whether a Spyware is determined or not. Further, if you have new Spyware samples (Backdoor/Rootkit), you can send them to archon(at)x-solve.com. Enthusiastic tester will receive updated trail version as reward.
Thanks for your Test!
:D
Download Archon Scanner 2006 (Beta Test Version)
[url]http://x-solve.com/blog/?p=59[/url]
页:
[1]