Description
RootkitRevealer is an advanced tool for detecting rootkits. It runs on Windows NT 4 and later. The program displays a list of inconsistencies between the results of the work of the file system and registry APIs with real data. These inconsistencies may indicate the presence of a rootkit program running in user mode or kernel mode.
RootkitRevealer successfully detects all persistent rootkits, including AFX, Vanquish, and HackerDefenter. Please note that RootkitRevealder is not designed to detect malware like the Fu program that does not try to hide its files and registry keys. Please let us know if you are using this tool to detect the presence of rootkits.
The RootkitRevealer program is no longer a console program because malware authors have begun to detect the presence of the RootkitRevealer scanner by the name of the executable file. The scan is now invoked from a copy of the RootkitRevealer program with a random file name running as a Windows service. This type of startup makes the process inaccessible from the command line. However, you can use command line options to run an automatic scan and write the scan results to a file. This is equivalent to the behavior of the command line version of the program.
Software™ Copyright © 2023. All rights reserved