Friday 14 October 2011

RootRepeal-Rootkit Detector Tool

rootkits are the malicious tools which create backdoors and allows attacker to maintain access to the victim computer. It hide itself and hard to detect. There are many tools available to detect and remove rootkits.
Rootrepeal is also a nice tool which detects all type of rootkits. 

RootRepeal includes the following features:

Driver Scan - scans the system for kernel-mode drivers.  Displays all drivers currently loaded, and shows if a driver has been hidden, and whether the driver's file is visible on-disk.
Files Scan - scans any fixed drive on the system for hidden, locked or falsified* files.
Processes Scan - scans the system for processes.  Displays all processes currently running, and shows if a processes is hidden or locked.
SSDT Scan - shows whether any of the functions in the System Service Descriptor Table (SSDT) are hooked.
Stealth Objects Scan - attempts to determine if any rootkits are active by looking for typical symptoms.
Hidden Services Scan - scans for hidden system services.
Shadow SSDT Scan - counterpart to the SSDT Scan, but deals mostly with graphics and window-related functions.

Download Here: