UnHackMe v5.95 Build 348 Portable Final
Windows NT4/2000/XP/2003/Vista/Windows 7
UnHackMe - First BootWatch AntiRootkit.
UnHackMe is specially designed to detect and remove Rootkits (a new generation of Trojan programs - invisible Trojans).
A rootkit is a program that a hacker uses to mask intrusion and obtain administrator-level access to a computer or computer network.
The intruder installs a rootkit on a computer using a user action or by exploiting a known vulnerability or cracking a password.
The rootkit installs a backdoor giving the hacker a full control of the computer. It hides their files, registry keys, and process names, and network connections from your eyes.
Your antivirus may not detect such programs because they use compression and encryption of its files.
UnHackMe allows you to detect and remove Rootkits, and is tested for removal all modern rootkits: Rustock, Haxdoor, Hacktool, Elite Keylogger etc.
UnHackMe4 detects hidden services registry keys, processes, services, drivers.
Partizan watches the Windows boot process.
Reanimator detects and remove Trojans/Spyware/Adware using signature database (Greatis Application Database).
Each rootkit needs a way to automatically start after computer reboot.
We can detect it and remove a rootkit from auto start.
1. Detecting kernel rootkits without a lot of BSOD.
2. Partizan checks the computer automatically during every Windows boot.
3. Partizan uses small number of computer resources.
4. Partizan takes only a couple seconds for checking. Compare it with full disk scan.
5. Partizan is a powerful. It can detect a remove any kernel/usermode rootkit, Trojan/Spyware/Adware components.
6. You can use other anti-rootkit software in addition to Partizan as well.
Partizan activates several agents for monitoring the Windows boot process.
* Anti-Bootkit. Used against Bootkit rootkits located in the boot sectors (in development).
* Partizan boot driver. Used against Rustock clone rootkits. It can trace registry services and delete a service. Partizan driver starts on the early stage of the Windows boot process. Partizan driver has additional "safe" mode allows to skip processing of the Winlogon and similar registry keys by Windows operation system to avoid infection and for easy removing infection.
* Partizan Native application. It is started from the BootExecute registry key. Partizan deletes files/streams and service keys.
* Secure Start. It starts before Windows shell starts using RunOnceEx key.
Secure Start executes UnHackMe application for rootkits testing using information from the Partizan boot driver. Secure Start can remove Trojans/usermode rootkits/spyware/adware using RegRun Reanimator with Application Database.
Compatible with all known antiviral software.
v5.95:
* New! RegRun Examiner reveals the hidden rootkit files and infected system drivers.
RegRun Warrior is required. The Examiner works for 32 and 64 bit systems.
* Improved malware-scanning engine. Detected and removed TDL3+ rootkit. TDL3+ rootkit removal lesson. Detected and removed UXTHEME virus.
* Updated signature databases.
v5.9:
Major update.
* New! RegRun Examiner reveals the hidden rootkit files and infected system drivers.
RegRun Warrior is required.
The Examiner works for 32 and 64 bit systems.
* Improved malware-scanning engine.
* Updated Web Update component.
* Compressed signature databases.
* UnHackMe tested for removal of all modern rootkits.
0 comments:
Post a Comment