广告

Rootkit Revealer1.71

Microsoft SysInternals(免费)

用户评分6

广告

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.

RootkitRevealer successfully detects many persistent rootkits including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys).

Since persistent rootkits work by changing API results so that a system view using APIs differs from the actual view in storage, RootkitRevealer compares the results of a system scan at the highest level with that at the lowest level. The highest level is the Windows API and the lowest level is the raw contents of a file system volume or Registry hive (a hive file is the Registry's on-disk storage format).

Thus, rootkits, whether user mode or kernel mode, that manipulate the Windows API or native API to remove their presence from a directory listing, for example, will be seen by RootkitRevealer as a discrepancy between the information returned by the Windows API and that seen in the raw scan of a FAT or NTFS volume's file system structures.

标题;
Rootkit Revealer 1.71 Windows 版
文件大小:
231.39 kB
要求:
  • Windows 7,
  • Windows XP,
  • Windows 8,
  • Windows 2003,
  • Windows 2000,
  • Windows Vista,
  • Windows 10
语言:
中文
适用语言:
  • 中文,
  • 英文,
  • 德文,
  • 日文,
  • 波兰文,
  • 法文,
  • 西班牙文,
  • 意大利文
许可证:
免费
添加日期:
Saturday, November 11th 2006
作者:
Microsoft SysInternals

https://www.microsoft.com/technet/sysinternals

SHA-1:
ed726d50e09729fd218a12b7a2fbd9deecccbb9c

目前 Rootkit Revealer 的 1.71 版尚无任何更新日志信息。有时候,发布者需要一些时间才能公布该信息,过几天再回来看看有无更新吧。

帮一下忙!

如果您有任何更新日志信息,希望与我们分享,我们非常乐意倾听!发送至联系页面联系我们吧。

广告