I don't know its value as it's in Chinese - therefore the app displays "???" but detections are in English.
Here's a screenshot:
The Beginning Of The End For Rootkits?
On May 30, Holy_father lamented in a comment posted on his site, "One of my priorities this summer [will be] to beat IceSword." He went on to call it "such a nice tool, [a] real challenge."
What could have caused the much-loathed creator of Hacker Defender to moan so mournfully in the face of a competing development?
IceSword is a rootkit-beating program from Xfocus.net. The site is the home of a Chinese group of security researchers who've published a number of Windows vulnerabilities. The group famously announced last December some major security holes in Internet Explorer that Microsoft scrambled to patch.
In a posting on the Hacker Defender site, one commenter noted: "Most rootkits hide services from service management controllers by hooking some API such as EnumServicesStatus..." To combat such rootkits, he added: "IceSword maps the advapi32.dll... and gets the 'pure' (unhooked) EnumServicesStatus." This permits the program to detect anything that may have been hiding behind these services.
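The comparison idea in that comment, as an added example that is not IceSword's code or part of the original article: the first bytes of an export taken from a clean on-disk mapping are compared with the bytes loaded in memory, and a common 32-bit x86 detour is decoded when they differ. The addresses, module bounds and byte strings are constructed sample values, and `check_export` and `decode_detour` are hypothetical helper names.

```python
import struct

def decode_detour(live: bytes, va: int):
    """Decode a control transfer at the start of `live` (32-bit x86); None if absent."""
    if len(live) >= 5 and live[0] == 0xE9:                      # jmp rel32
        rel = struct.unpack_from("<i", live, 1)[0]
        return "jmp rel32", (va + 5 + rel) & 0xFFFFFFFF
    if len(live) >= 6 and live[0] == 0x68 and live[5] == 0xC3:  # push imm32; ret
        return "push/ret", struct.unpack_from("<I", live, 1)[0]
    return None

def check_export(name, clean, live, va, mod_base, mod_size):
    """Compare an export's on-disk prologue with the bytes found in memory."""
    if clean == live:
        return {"export": name, "status": "clean"}
    # Offset of the first differing byte (or the shorter length if one is a prefix).
    first_diff = next((i for i, (a, b) in enumerate(zip(clean, live)) if a != b),
                      min(len(clean), len(live)))
    finding = {"export": name, "status": "modified", "offset": first_diff}
    detour = decode_detour(live, va)
    if detour:
        kind, target = detour
        # A detour that lands outside the owning module is the strongest signal.
        finding.update(status="hooked", kind=kind, target=target,
                       leaves_module=not (mod_base <= target < mod_base + mod_size))
    return finding

# Constructed sample data (not taken from a real system).
BASE, SIZE = 0x77DD0000, 0x0009B000      # assumed module range
VA = 0x77DE1234                          # assumed address of the export
TARGET = 0x10001000                      # assumed address of foreign code
CLEAN = bytes.fromhex("8bff558bec83ec10")  # mov edi,edi; push ebp; mov ebp,esp; sub esp,10h
HOOKED = b"\xE9" + struct.pack("<i", TARGET - (VA + 5)) + CLEAN[5:]

# Note: a real comparison must apply relocations to the clean copy before
# diffing, otherwise rebased modules produce false differences.
if __name__ == "__main__":
    for label, live in (("clean", CLEAN), ("hooked", HOOKED)):
        print(label, check_export("EnumServicesStatusW", CLEAN, live, VA, BASE, SIZE))
```
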