Rootkit Unhooker

Rootkit Unhooker is a straightforward utility that gives you the possibility of scanning and removing rootkits from your system. It also lets you terminate processes and drivers, among others.

After a brief and uneventful setup procedure that does not require special attention from the user, you are greeted by a standard window with a well-structured layout. It is not eye-catching but easy to navigate.

The main window includes multiple panels dedicated to SSDT, shadow SSDT, processes, drivers, stealth code, files, code hooks, and a report.

You can unhook one or more selected files, terminate processes (with or without force), view corresponding DLLs, dump all process memory, wipe or copy the file, as well as perform BSOD. This set of options applies to all items in the aforementioned panels.

Rootkit Unhooker creates a report with log activity and provides options for exporting it to file for further evaluation. Plus, you can change the background and text colors, show only hooked functions, hide grid lines, and use standard DiskIO. Settings may be restored to their factory values at any time.

The application is low-demanding when it comes to CPU and RAM. It has a good response time and finishes a task quickly and without errors. Unfortunately, Rootkit Unhooker has not been updated for a long while, and it is not supported by newer operating systems.