|Operating System:||Windows XP/Vista/7
Can only be used on 32-bit operating systems.
|File Size:||454 KBs|
|Last Updated:||06/08/16 07:43:04 PM EDT|
RootRepeal is a rootkit scanner that scans for kernel-mode drivers, whether they are hidden, or if the driver file is hidden on disk. It also has the ability to look for hidden files, hidden process, SSDT hooks, hidden services, and stealth objects.
RootRepeal is a new rootkit detector currently in public beta. It is designed with the following goals in mind:
Currently, RootRepeal includes the following features:
* - falsified files are files which have their size mis-reported to the Windows API. Some rootkits use this to hide data.
RootRepeal is currently in public beta. Whereas every effort has been made to ensure compatibility with every system configuration on Windows 2000, XP, 2003 and Vista, it cannot be guaranteed. There is always some risk when scanning for rootkits. Before running RootRepeal, please make sure you have backups of all important data and have saved all open documents.