This tool for experienced users will identify rootkits installed to hook the kernel system services. If that sounds like gibberish, this tool, though easy to use, isn't designed for you. With two tabs and three buttons, RootKit Hook Analyzer takes no time to learn. A short Help file attempts to explain what this application is designed to find, but it will be of little use to users not already familiar with the concepts.
Operating RootKit Hook Analyzer is a snap. Merely open the application and press the analyze button. In seconds, the plain text results window displays a list of all services. Those hooked to the kernel are displayed in red, but there's also an option with a quick click of a check box click to show only hooked services. The application includes a tool to stress test any found hooks. The tool simply checks if the hook performs proper parameter checking. Run the test and get a system crash and you're running poorly written software. It's up to the user to figure out how to resolve the results.
This application can't identify the product origin of all hooks. To help users see what is running on their system, a second tab lists all loaded modules. An export button will save the lists to a text file. Some testers reported the log file would occasionally fail.
Expert users will find RootKit Hook Analyzer a useful freeware tool for finding kernel hooks.
RootKit Hook Analyzer is a security utility which will check if there are any rootkits installed on your PC which hook the kernel system services. Kernel RootKit Hooks are installed modules that intercept the principal system services that all programs and the operating system rely on. Kernel hooks are out of fashion these days and not officially documented and considered deprecated by Microsoft. The pioneering heroes of the old days who discovered how to actually implement them have all adopted the new fashion of advising against using kernel hooks as a programming practice.
Often kernel hooks are unnecessary because there are documented ways that allow a programmer to achieve his goal. However in a lot of system tools such as monitoring and antivirus software, kernel hooks are the only available technique to get the difficult job done and thus an unavoidable necessary evil. Important is that if your kernel system services are hooked that you can find out which is the responsible software that makes use of these techniques. Inspired by all the discussions going on about the Sony CD protection rootkit, we have developed the RootKit Hook Analyzer. Version 3.02 includes unspecified updates.
What's new in this version:
Version 3.02 includes unspecified updates.