Is Rootkit Unhooker safe?

Discussion in 'other anti-malware software' started by quadrophonic, Jul 18, 2007.

Thread Status:
Not open for further replies.
  1. quadrophonic, Registered Member (Joined: Jan 24, 2007; Posts: 112)

    I see that Castle Cops has approved this utility, but there's so little that appears in a Google search for the official site:

    http://rkunhooker1.narod.ru/

    and there's very little information on the official site.


    I found this post in the Antirootkit.com blog:

    http://www.antirootkit.com/blog/200...r-author-to-release-new-undetectable-rootkit/

    and it just leads to more questions. Has any other site studied this program yet? PC Magazine? Grc.com? If anyone can find detailed reviews of the program by a software engineer, please post the link.

    From what I've read it has advantages over some of the other anti-rootkit programs because it supposedly removes the rootkit completely.

    I viewed this link to the Sysinternals forum that was posted in another thread:

    http://forum.sysinternals.com/forum_posts.asp?TID=11269&PN=1

    and it appears that the author of Rootkit Unhooker is contributing to that thread.
    Has someone from Sysinternals analyzed the program and given a "thumbs up" to it?

    The author seems to feel that Gmer and the others are quite inferior to his program. It seems that if he's willing to discuss it on Sysinternals, it should be safe (answering my own question here). I'd like to see what others here feel about it.

    By the way, is it worth running Sysinternals' Rootkit Revealer:

    http://www.microsoft.com/technet/sysinternals/Utilities/RootkitRevealer.mspx

    and how is the rootkit program that Avira PE Premium has incorporated into its AV software?
     
    Last edited: Jul 18, 2007
  2. Longboard, Registered Member (Joined: Oct 2, 2004; Posts: 3,238; Location: Sydney, Australia)

    Hello Quadrophonic:
    LOL, depends on if you want to dance with the devil :D

    Sorry:
    yes safe, complex, very advanced scanner functions, requires real expertise to use, may BSOD or not.
    Read the threads here, and supported here and at Sysinternals, castlecops, antirootkit.com et al.
    The developers have released a rootkit they themselves cannot detect.

    PM EP_XOFF: https://www.wilderssecurity.com/member.php?u=58642
    he and his team are usually very responsive.

    If you want.
    Safe
    Useful
    Can produce confusing logs and allegedly has been bypassed by some rootkits
    Extensive support at Castlecops and Sysinternals

    Prolly "quite" good. All the AV vendors have some antirootkit scanners of some effectiveness: search the Sysinternals forums for EP_XOFF's tests: you will see.

    http://www.informationweek.com/news/showArticle.jhtml?articleID=196901062&pgno=7
    That is the only "mainstream" review I am aware of and not bad at that.

    Is there some specific rootkit issue you are worried about?
     