UnHackMe permits you quickly and easily detect HackerDefense and its clones. It uses the fact that HackerDefender installs the service and driver. HackerDefender hides these keys from enumeration by registry functions. It can export the registry hive to a file. The export function writes all registry keys and values into binary file without filtering. You can get the list of services from exported file and compare it with the current registry keys list. It's not easy because the format of Microsoft registry binary files is not documented. The application can do it and after that the hidden keys will be easily found. Just click the check button and if a Trojan is found you will see the Results page. When you restart the computer HackerDefender will be completely deleted at the next reboot of your computer. UnHackMe has added additional options and can adjust a lot of small bugs. It verifies the identity of the UnrealRootkit and kills it. The program has improved Partizan anti-rootkit and testing for hidden registry keys.
UnHackMe permits you to identify and eliminate new generation of Trojan programs-invisible Trojans like Rootkits that are colections of programs which hacker uses to mask intrusion and request administrator-level access to a computer or computer network. It hides their files, registry keys, process names and network connections from your eyes. You should know that the Trojan fully controls your computer. The sample program is HackerDefender rootkit. It will be detected as HackerDefender 100. The program uses own kernel-mode system driver (UnHackMedrv.sys) to check the Windows shadow process. It's necessary to permit the instalation of UnHackMedrv.sis to your computer. The driver doesn't start spontaneously and doesn't change the permanence or security of your Computer. UnHackMe starts the drivers and uses it's results to detect the hidden processes. Unreal was made as a demo rootkit to show the new rootkit technology.
