Makers of the tiny, powerful RootkitUNhooker have released
a new version. Earlier, I posted about the Unreal rootkit test file,
which bypassed nearly every known anti-rootkitter; version
3.20 of RKU detects Unreal.A
*Here's a list of some of the rootkits that RKU detects and removes.
*Latest version: 220.127.116.118 [updated February 18th, 2007]
*Info about the next version:
version 3.30 will include:
added: DKOH detection (not unhookable) for common kernel objects
added: ability to dump kernel memory region
added: AntiRkU and based tools bypassing, xdf updated to v0.7
fixed: few bugs in driver, related to self-protection part
And some other features not listed here, because they are not ready yet.
Release date: as soon as it will be ready
-Thank you, independent coders, for advancing security software
farther than any AV company ever could.
Another interesting note: while reading the RKU forum, I happened
upon a post by someone requesting source code for the program.
One of the authors of RKU responded:
"If we give sources for public, they also will be used for malware