Rootkit Unhooker v3.0 Beta 1 - 2006-10-01

Whats's new in version 3.00 build 80/290 code named "Splicer" Beta 1 (01.10.2006)

added: hidden files detection (copying, content erasing)
added: ability to restore hooked system call instruction
added: kernel/user mode code hooks detection and unhooking
added: new method for processes scanning engine
added: multi-language support
added: processes dumping (with fix)
improved: system call detection
fixed: many bugs in driver and application

Download English Version:
http://www.rku.xell.ru/?l=e&a=dl

The Tab 'Code Hooks Detector' crashes in my case the application.

 

Thanks looks interesting

Do you have any screen caps? How does it compare to icesword?

 

Here`s one:-

 

Thanks Stem

 

What does "no NTFS" support mean?

Only operational on FAT32 file system?

 

I think the basic functions like Hook and Hidden detector work also on NFTS, but features like 'Code Hooks Detector' not. Correct me when i am wrong folks.

 

The quote below is from the program's author:

Current version of Rootkit Unhooker v3.0 is Beta 1. It not includes NTFS support. This feature will be available in Beta 2.

 

I could be wrong, but the NTFS part probably refers to ADS.

 

The rootkitunhooker site no longer publishes the source code.
Does anyone have an old copy?
I am interested in restoring the SDT on a Windows 2003 OS.

Thanks, Ric