RootkitRevealer for Windows

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher, and its output lists discrepancies between the Registry and file system APIs that may indicate the presence of a user-mode or kernel-mode rootkit.

RootkitRevealer successfully detects most persistent rootkits, such as AFX, Vanquish, and HackerDefender. However, it is not intended to detect rootkits like Fu that do not attempt to hide their files or Registry keys.

Persistent rootkits work by altering API results, so that the view of the system obtained through APIs differs from the actual view in storage. RootkitRevealer therefore compares the results of a system scan at the highest level with those at the lowest level. The highest level is the Windows API; the lowest level is the raw contents of a file system volume or of a Registry hive file (the Registry's on-disk storage format).

Therefore, when a rootkit, whether user mode or kernel mode, manipulates API results to remove its presence from a directory listing, for instance, RootkitRevealer sees a discrepancy between the information returned by the Windows API and that seen in the raw scan of a FAT or NTFS volume's file system structures.
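The cross-view comparison described above, as an added example (not RootkitRevealer's own code): it reads the root directory of a small FAT16-style image straight from its bytes and reports names that are missing from an API-style listing. The image, the file names and the `api_view` list are constructed sample data; on a live system the second view would come from directory enumeration through the Windows API.

```python
import struct

SECTOR = 512

def dir_entry(name, ext, attr=0x20, size=0):
    # 32-byte FAT short-name entry: name, ext, attributes, 14 unused bytes, first cluster, size
    return struct.pack("<8s3sB14xHI", name.ljust(8).encode(), ext.ljust(3).encode(), attr, 0, size)

def build_sample_volume():
    # Constructed image: boot sector, one FAT sector, one root-directory sector.
    boot = bytearray(SECTOR)
    # BPB at offset 11: bytes/sector, sectors/cluster, reserved sectors, FAT count, root entries
    struct.pack_into("<HBHBH", boot, 11, SECTOR, 1, 1, 1, 16)
    struct.pack_into("<H", boot, 22, 1)  # sectors per FAT
    entries = [
        dir_entry("SAMPLE", "", attr=0x08),          # volume label, not a file
        dir_entry("README", "TXT", size=120),
        b"\xE5" + dir_entry("OLD", "TMP")[1:],       # deleted entry
        dir_entry("STEALTH", "SYS", size=4096),      # constructed name, absent from api_view
        dir_entry("NOTES", "TXT", size=64),
    ]
    return bytes(boot) + bytes(SECTOR) + b"".join(entries).ljust(SECTOR, b"\0")

def raw_root_listing(image):
    # Low-level view: locate the root directory from the BPB and walk its raw entries.
    bps, _spc, reserved, nfats, root_entries = struct.unpack_from("<HBHBH", image, 11)
    (fat_sectors,) = struct.unpack_from("<H", image, 22)
    start = (reserved + nfats * fat_sectors) * bps
    names = []
    for off in range(start, start + root_entries * 32, 32):
        name, ext, attr = struct.unpack_from("<8s3sB", image, off)
        if name[0] == 0x00:                  # end-of-directory marker
            break
        if name[0] == 0xE5 or (attr & 0x08):  # deleted, volume label or long-name entry
            continue
        base, e = name.decode("ascii").rstrip(), ext.decode("ascii").rstrip()
        names.append(base + ("." + e if e else ""))
    return names

def cross_view_diff(raw_names, api_names):
    # Names present in the raw scan but absent from the API view (FAT names are case-insensitive).
    api = {n.upper() for n in api_names}
    return sorted(n for n in raw_names if n.upper() not in api)

if __name__ == "__main__":
    api_view = ["readme.txt", "notes.txt"]  # constructed stand-in for the API directory listing
    print(cross_view_diff(raw_root_listing(build_sample_volume()), api_view))
```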

Technical

Title:
Windows RootkitRevealer 1.71
Requirements:
  1. Windows NT
  2. Upgrades of Skylights
  3. Windows 2000
Language:
English
License:
Free
Most recent update:
30th July 2023, a Friday
Author:
Microsoft Internals

https://www.microsoft.com/technet/sysinternals