Windows Forensics (6)
-
ZeroAccess - ZeroAccess rootkit kills security software
ZeroAccess rootkit kills security software
-
ZeroAccess – an advanced kernel mode rootkit, pdf
ZeroAccess – an advanced kernel mode rootkit. Direct download
-
[Windows Forensic] FAT: General Overview of On-Disk Format
Hardware White Paper. FAT: General Overview of On-Disk Format. Contents: Notational Conventions in this Document; General Comments (Applicable to FAT File System All Types); Boot Sector and BPB; FAT Data Structure; FAT Type Determ..
-
ZeroAccess, Volatility, and Kernel Timers
ZeroAccess, Volatility, and Kernel Timers http://mnin.blogspot.kr/2011/10/zeroaccess-volatility-and-kernel-timers.html As today is Volatility Friday, we'll discuss how to hunt ZeroAccess in memory by following the lead of several others and then writing our own custom plugin. I first want to recognize the work done on this topic by Frank Boldewin, Giuseppe Bonfa, and Marco Giuliani. They are the..
-
Runscanner - Running
How to run: run the exe file, click OK, run screen!!! Click the Scan computer button. Analysis results
-
Runscanner-startup and hijack analyzer
Runscanner startup and hijack analyzer, portable. Runscanner site: http://www.runscanner.net/ Download: click the Download link at the top > click the Freeware Download button. Direct download