A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #291  by AltF4
 Thu Mar 18, 2010 4:54 am
I am just curious whether there are tools similar to HideToolz that offer similar functionality (but perhaps different rules and behaviors that the user can define)?
I know that IceSword offers some process forbidding, which is quite useful, but other than these two tools, I haven't seen too many.

Not really looking for a whole HIPS system like Malware Defender, but rather, just a portable tool kind of like these.
 #292  by EP_X0FF
 Thu Mar 18, 2010 5:02 am

XueTr provides some "Forbid" functionality. However it is unstable.
What's wrong with HideToolz? Last available mod 2.2 by Fyyre is compatible with Windows 7.

 #295  by AltF4
 Thu Mar 18, 2010 5:28 am
Hehe, yea nothing is wrong with HT at all :P
I enjoy it very much.

Was just seeing if there was anything I was missing out on (seem to discover sometimes I am when looking over list of ARK tools)
Would love to see HT get a better GUI though, and some more features (would also be nice to allow the user to choose if the action should occur, such as a Shutdown)

Anyway, thanks EP.
A nifty new forum you (and Fyyre?) have going here.
 #296  by EP_X0FF
 Thu Mar 18, 2010 5:32 am
Hi Matt,

Yes Fyyre registered here also ;)
AFAIK full source code of HideToolz in assembler is available (Fyyre got it through reverse engineering).
However I would much more like to see something like this but in C/C++, available as open source too :)

 #508  by EP_X0FF
 Thu Apr 01, 2010 12:32 am

On my test machines it is working. However, because HideToolz intensively modifies SSDT, a BSoD is not a surprise :)
Main problem here: nobody will fix this, because this tool currently has no developers. At least the public version.

 #533  by STRELiTZIA
 Fri Apr 02, 2010 8:11 pm
Ahmed18 wrote:
Last available mod 2.2 by Fyyre is compatible with Windows 7
BSOD with windows 7 !! :cry:
Hi, Ahmed18 :)
Working fine on my VMware + Windows Seven.
SSDT hook without any BSOD.

Unfortunately the tool is ineffective after CLEANING SSDT hook.