RootKit Hook Analyzer


RootKit Hook Analyzer is a security tool which will check if there are any rootkits installed on your computer which hook the kernel system services.

If any hooks have been found on your computer system and you find they are not malware but part of a legitimate product, RootKit Hook Analyzer allows you to test if the hooks have been properly implemented and do proper parameter checking.

On a clean Windows installation, as soon as any application calls a system service from user mode, its parameters will be checked for validity by the function which executes in kernel mode. This means that if the application passes bogus parameters, it receives an error code and does not cause the computer to crash. However if the system service is hooked and the hooked function does not do proper parameter checking it can crash the system. One of the main causes for computer crashes (blue screens and resets) these days is because legitimate programs (very often security products) which do system call hooking do not properly validate their parameters.


Please note: support and development of this product have been discontinued. Functionality of this product can be found in SanityCheck.


Download RootKit Hook Analyzer

Permanent link to this article: