Rootkit Revealer is an advanced free rootkit detection software for Windows. This rootkit detection freeware roots out and the lists file system API and registry discrepancies that may execute in user or kernel mode and go unnoticed by the antivirus, spyware blocker, and other system utilities.
Rootkit Revealer has successfully detected many persistent rootkits including Vanquish, AFX, and HackerDefender. It is important to remember that Rootkit Revealer has not been designed to detect such rootkits as Fu, which make no attempt to hidden its files or registry keys.
This rootkit scanner is an amazing piece of software, so much so that various malware developers have begun targeting Rootkit Revealer’s scanning system by using its executable name. The engineers and designers of this rootkit detection application have therefore been forced to update this utility so that it begins its scan from a ransom copy of itself, which runs as a service of Windows. This confuses any would-be hackers and malware authors and keeps the user’s computer safe.
Rootkit Revealer is also obtained as a part of Sysinternals suite from Microsoft.
Programs like this rootkit detection software enable users to know if their machine is infected with one or more of the following, a virus, malware, spyware,and a trojan that may be present in the system. Basically the aforementioned computer dangers are able to hide themselves from antivirus programs, anti-spyware, anti-malware, etc and are sometimes latent in the computer for a time before being activated. There are various rootkit classifications and these depend on whether the malware survives a reboot or whether it executes in kernel mode or user mode. Read more about rootkits.
Types of Rootkits:
Persistent rootkits are generally connected with malware, which activates every time the computer is started. These types of rootkits are usually executed by a code which is may be hidden in the file system or registry. When the user starts his or her computer, the malware program, uses this code to activate itself. it does not want or need the user’s intervention. Rootkit Revealer is able to detect rootkits as well as hidden codes in the file system or registry and notify the user.
Memory-based rootkits are malware without hidden codes and thus cannot survive a computer reboot. Rootkit Revealer is able to recognize these types of malware and will recommend rebooting the system.
A rootkit may try to avoid detection in many ways. For example, a rootkit that runs in user-mode may intercepts the calls made to certain Windows APIs and change their output to delete entries that can identify the file association with these rootkits.
Rootkit Revealer, however knows most of the “hiding places” and “tricks” that hackers and malware authors do with their malware programs and detects it prior to the rootkit causing any trouble.
Also check out other rootkit removers we covered earlier, including: Trend Micro Rootkit Buster, and Sophos Anti-Rootkit.
How does Rootkit Revealer work?
As mentioned above, the rootkits may try to hide their presence by modifying the API results that may reveal their file association. The Rootkit Revealer compares the system scan results of Windows API (the highest level) to the raw file system or registry content (the lowest level). Once compared, Rootkit Revealer is able to ascertain which of the data is true and which is fake or has been changed by a rootkit.
With the Internet spreading across the globe like some sort of modern-day plague it is becoming more and more important to have security on your computer system. Indeed we all know the dangers of viruses and the like, therefore having simple programs that detect rootkits or rootkit detection, rootkit scanners, etc are very important. Rootkit Revealer is one of the leaders in helping users keep rootkit penetration out of their computer. Keep you system safe from the nefarious people in this world by installing Rootkit Revealer to perform a rootkit scan on your hard disk today.