Stardock releases Galactic Civilizations III, a true... - 2015-05-14 - With Galactic Civilizations III’s release today, the PC gets its first native 64-bit strategy game. 64-bit, along with DirectX 12 is the one-two combination that is...

Migrating C/C++ from 32-Bit to 64-Bit - 2015-05-12 - A major driver of modern C/C++ development is the need for producing native 64-bit code. In most cases, servers and desktop systems are now almost exclusively 64-bit...

Windows 8.1 64-Bit Remains the World’s Second Gaming... - 2015-05-04 - With Windows 10 almost here, only few users are still looking for new computers to work and/or play, and just as expected, Windows 8.1 is the most common choice when...

Start64!Security vendor NoVirusThanks has released SSDT View, a 64-bit (only) tool that can show you the contents of your System Service Descriptor Table, perhaps highlighting changes made by rootkits and other stealthy malware.


There are of course plenty of antirootkit tools around that can do something similar, and a whole lot more, but these are generally aimed at Windows experts. SSDT View is safer, and far simpler, which makes the program accessible to a far wider audience.

What’s the SSDT? Whenever Windows or one of your applications wants to carry out some action -- check the Registry, read or write a file, launch or close a process, and so on -- then this will usually result in Windows calling a service in the System Service Descriptor Table. Writing to a file will call the NtWriteFile service to do the actual work, for instance; on our test PC that entry points to memory address 0xFFFF:F800:0356:B210, which is within the module C:\Windows\system32\ntoskrnl.exe – the Windows kernel.

facebook-3 twitter-3 rss-3 email-3

logo-bottom

   eXTReMe Tracker