Shadow SSDT

#9987 by utsav.0202
Tue Nov 29, 2011 8:35 am

Hi
How do I get the index of the routines of Shadow SSDT in Windows 7?
For other OS I used Rootkit Unhooker but it does not support Win 7.

Thanks and Regards
Utsav

Username

utsav.0202

Posts

61

Joined

Mon Apr 11, 2011 2:04 pm

Re: Shadow SSDT

#9988 by EP_X0FF
Tue Nov 29, 2011 9:15 am

utsav.0202 wrote:Hi
How do I get the index of the routines of Shadow SSDT in Windows 7?
For other OS I used Rootkit Unhooker but it does not support Win 7.

Thanks and Regards
Utsav

You are using wrong or outdated version, Rootkit Unhooker supports x86 Win7.

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: Shadow SSDT

#9997 by utsav.0202
Tue Nov 29, 2011 12:35 pm

Version 3.7.300.509 is not working on Win 7

Error loading driver NTSTATUS 0XC0000001 (STATUS_UNSUCCESSFUL)

Username

utsav.0202

Posts

61

Joined

Mon Apr 11, 2011 2:04 pm

Re: Shadow SSDT

#9998 by EP_X0FF
Tue Nov 29, 2011 12:44 pm

utsav.0202 wrote:Version 3.7.300.509 is not working on Win 7

Error loading driver NTSTATUS 0XC0000001 (STATUS_UNSUCCESSFUL)

Where did you get this museum version? It is 4+ years old.
http://www.kernelmode.info/forum/viewto ... ?f=11&t=10

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: Shadow SSDT

#10014 by utsav.0202
Wed Nov 30, 2011 6:35 am

...museum version...

:lol:

thanks :)

Username

utsav.0202

Posts

61

Joined

Mon Apr 11, 2011 2:04 pm

Re: Shadow SSDT

#13587 by TechJason
Thu May 31, 2012 9:32 pm

EP_X0FF, can you make sissy @ SoftPedia & sissy @ AntiRootkit remove museum version and put new http://www.kernelmode.info/ARKs/RkU3.8.389.593.rar.

http://www.softpedia.com/get/Security/S ... oker.shtml
http://www.antirootkit.com/software/Roo ... hooker.htm

Username

TechJason

Posts

1

Joined

Thu May 31, 2012 4:12 pm