We're looking for sponsors, read more»

Ring3 API Hook Scanner v1.6

Ring3 API Hook Scanner is a powerful usermode Windows OS utility that helps detect some types of usermode hooks in processes such as inline, IAT and EAT hooks. No kernel-mode driver is needed and detailed information is provided about detected API hooks, including hook type and process name.

For Windows XP, Vista, 7, 8, 10 (32\64-bit)

app screenshot

Detect Ring3 (Usermode) API Hooks

This is a sort of anti-rootkit software that detects usermode hooks in processes and thus can help in detecting usermode rootkits that hook Windows APIs to hide files, processes, etc. Usermode hooks are used also by security software, so it doesn't mean your PC is infected if there are some APIs hooked.

Detect Usermode Hooks

Detect ring3 (usermode) hooks in processes, such as inline, IAT and EAT hooks.

Detailed Information

The program provides detailed information about detected API hooks.

Command-Line Version

We have developed also the command-line version of the program.

Very Lightweight

The software application uses only a few MBs of memory, you will not even notice it.

No Spyware\Adware

The program is free from spyware, adware or other pests, nothing extra is installed.

Free to Use

This software is completely free to use for anyone, at home and at work.

Application Screenshots

Here there are some screenshots of the application.

app screen

Product Details

Version 1.6
Last Updated February 4, 2015
Operating System For Windows XP, Vista, 7, 8, 10 (32\64-bit)
Category Malware Analysis Tools
License Type Freeware
File Size 1.4 MB