Rootkit Unhooker

Discussion in 'other anti-malware software' started by Z0mBiE, Dec 11, 2006.

Thread Status:
Not open for further replies.
  1. EASTER.2010

    EASTER.2010 Guest

    Re: RkUnhooker RC3

    @MP_ART

    How may i ask without revealing your trade secrets do you developers manage to SQUEEZE all those superior features into an install that weighs in at a mere and amazingly tiny 144kb?

    That in and of itself is a feat i never seen in any Detector. :eek: Great Effort!
     
  2. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Re: RkUnhooker RC3

    Thanks, as always great work!
    Runs smooth, but hasn't detected any Rootkit on my machine :) What a pitty *puppy*
     
  3. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    The best just got even better. Full marks to the RKU crew.


    StevieO
     
  4. MP_ART

    MP_ART Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    25
    Location:
    Krsk
    Re: RkUnhooker RC3

    Just use our own runtime libraries, direct Win32/NT API, and do not use .NET :D
     
  5. EASTER.2010

    EASTER.2010 Guest

    Yeah i have to side with you big time on that. .NET is the biggest bloated release that never should have come about, but oh well it did unfortunately.

    CONGRATULATIONS!! On RKUnhooker 3.20

    You fellows made an already world class detector even more effective! :thumb:
     
  6. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,742
    Re: RkUnhooker RC3

    @EP_EXOFF

    Were you able to find anything in the logs?
     
  7. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    Re: RkUnhooker RC3

    No, nothing unusual. All hooks in your logs related to your security software.
     
  8. Birdman

    Birdman Registered Member

    Joined:
    Nov 24, 2003
    Posts:
    571
    Pardon my ignorance, but how do I know if I have any rootkits after installing and running this fine program? I'm not sure how to read the results? Thanks.
     
  9. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    Post it here as attachment and we will look.
     
  10. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,742
    Re: RkUnhooker RC3

    That's a good thing! Thanks for taking a look for me.
     
  11. Birdman

    Birdman Registered Member

    Joined:
    Nov 24, 2003
    Posts:
    571
    Report attached. Thanks for your help.
     

    Attached Files:

  12. MP_ART

    MP_ART Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    25
    Location:
    Krsk
    There is no rootkits in your report file. All hooks in your logs related to your security software.
     
  13. EASTER.2010

    EASTER.2010 Guest

    Looking forward to new update that corrects a few things found i believe?

    Nice program and very powerful engine/techniques too.
     
  14. azumi21

    azumi21 Registered Member

    Joined:
    Aug 16, 2004
    Posts:
    129
    Hello,

    Why does Rootkit Unhooker need to install 5 drivers ?
     
  15. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    Hello,

    It is not, why you think so?
     
  16. azumi21

    azumi21 Registered Member

    Joined:
    Aug 16, 2004
    Posts:
    129
    before installation of any software,
    I look at the hidden non-plug and play drivers (manage, device manager, show hidden)
    compare them to my normal list.
    and right after installation of RootKit Unhooker, there are 5 added.
    1 being: "Rootkit Unhooker Driver" and 4 more different ones like "2AD88D7072B10735"
     
  17. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Question EP_X0FF, I used the earlier version of RKU the one before current and notice that when I do hidden files detector scan it used to show the blocked files, in the latest release it doesn't show the blocked anymore is there a reason for this? Thanks in advanced. :)
     
  18. MP_ART

    MP_ART Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    25
    Location:
    Krsk
    @azumi21

    2AD88D7072B10735 and other services like that, is a temporary RkU file scanner service, that used only during RkU work. You may delete this entries.

    @yankinNcrankin

    Blocked files since last version will be showed only if hidden ADS found in that files.
     
  19. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    @ MP_ART thanks man, but I'm a bit bummed, now I'm unable to copy blocked files, I liked that feature since I got to look at the files using note pad and hex, now I cant do it cause files in use I remeber when I could do it in the older versions of RKU now I cant since blocked files wont show up in hidden files scan.
    Not that it was necessary but it was nice to be able to view such files. thanks again.
     
  20. SafetyFirst

    SafetyFirst Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    462
    I have the same issue like Rodehard - when I click "Report" and "Scan", after a few minutes I get:



    Sorry, but unhandled exception has occured

    Program will be terminated

    Exception code: 0xC0000005

    Instruction address: 0x006E0061

    Attempt to write at address: 0x00000000
     
  21. MP_ART

    MP_ART Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    25
    Location:
    Krsk
    This exception probably caused by NTFS scanner. This module now under totally revision.
     
  22. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    Running RKUnhooker for the first time, says Possible Rootkit Activity detected.
    Any help would be appreciated. I've attached the log.

    Thanks

    ~~ attachment log removed ~~
     
    Last edited by a moderator: Feb 20, 2007
  23. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Hello vincenzo,

    Wilders Security no longer provides one-on-one PC cleaning services. Any of the forums that provide HijackThis and spyware cleaning services ought to be able to assist you. See the below thread for some links:

    https://www.wilderssecurity.com/showthread.php?t=42148
     
  24. EP_X0FF

    EP_X0FF Registered Member

    Joined:
    Nov 8, 2006
    Posts:
    233
    Vincenzo, please feel free to send your log to us via our email, or via our forum - http://forum.xell.ru

    Thanks.
     
  25. Dongwook

    Dongwook Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    6
    Can somebody help me interpreting Rootkit Unhooker Report? I am pretty new to this software and I am not that technical.

    Thank you for your help

    ~ snip ~
     
    Last edited by a moderator: Feb 21, 2007
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.