Rootkit Unhooker v3.7.300.509 - 来自俄罗斯的Rootkit检测工具

新客网 XKER.COM 2007-10-05 来源：收藏本文

Rootkit Unhooker是一款较新的RK检测工具,来自俄罗斯.其检测手段比IceSword可靠得多(虽然功能还不如IceSword齐全).有服务描述表钩子检测和恢复,强大的进程检测,强大的驱动检测,隐藏进程杀除,API钩子检测,驱动转储,生成报告等等功能.
1.软件界面为英文(低版本有中文文件,但不可用于高版本)
2. 支持以下操作系统 Windows 2000 Professional SP4, Rollup 1 Windows XP Home/Professional SP1, SP2 Windows 2003 Server (all editions) SP1, SP2 Windows Vista Ultimate
3.为避免出错,使用工具前关掉其他AntiRootkit工具以及带主动防御的反病毒产品(如卡巴斯基)、HIPS软件
4.软件运行需要管理员权限
5.要在安全模式下使用这个工具,在主界面选择Setup->"Extended Mode"

Rootkit Unhooker LE (RkU) is an advanced rootkit detection/removal utility, designed specially for advanced users and IT professionals. It runs under 32bit Windows 2000, Windows XP, Windows 2003 Server and Windows Vista. If you don't know how to use it, please do not tell that it is not working or found nothing. In the 95% of such incidents users simple don't know how to use this program.

Rootkit Unhooker features:
RkU News
Other Downloads
Sources
zo_O z0ne
About us
SSDT Hooks Detection and Restoring
Shadow SSDT Hooks Detection and Restoring
Hidden Processes Detection/Terminating/Dumping
Hidden Drivers Detection and Dumping
Hidden Files Detection/Copying/Deleting
Code hooks Detection and Restoring
Report generation

Supported operation systems:
x86 32 bit Windows 2000 SP4
x86 32 bit Windows XP +SP1, SP2
x86 32 bit Windows 2003 +SP1, SP2
x86 32 bit Windows Vista

Note: RkU requires Administrator rights to launch and work.

04 October 2007 - Rootkit Unhooker updated to 3.7.300.509
Changes:
fixed (we hope) detection for several types of hooks
fixed raw ntfs glitch at start
important: this version by default disables extended method of hidden processes detection, to enable it start rku from console with the following parameter "-hookswap" without quotes (e.g. Rku.exe -hookswap)

官网：http://rku.nm.ru/

下载:Rootkit Unhooker v3.7.300.509

上一篇：Internet Explorer v7.0.5730.13(10.04更新,数字签名9.26,免WGA) 下一篇：推荐小工具:Start++ 0.7.8 for Windows Vista

【收藏】【评论】【推荐】【投稿】【打印】【关闭】