RootRepeal Publisher's description
RootRepeal is a new rootkit detector currently in public beta.
RootRepeal is a new rootkit detector currently in public beta. It is designed with the following goals in mind:
Easy to use - a user with little to no computer experience should be able to use it.
Powerful - it should be able to detect all publicly available rootkits.
Stable - it should work on as many different system configurations as possible, and, in the event of an incompatibility, not crash the host computer.
Safe - it will not use any rootkit-like techniques (hooking, etc.) to protect itself.
Currently, RootRepeal includes the following features:
Driver Scan - scans the system for kernel-mode drivers. Displays all drivers currently loaded, and shows if a driver has been hidden, and whether the driver's file is visible on-disk.
Files Scan - scans any fixed drive on the system for hidden, locked or falsified* files.
Processes Scan - scans the system for processes. Displays all processes currently running, and shows if a processes is hidden or locked.
SSDT Scan - shows whether any of the functions in the System Service Descriptor Table (SSDT) are hooked.
Stealth Objects Scan - attempts to determine if any rootkits are active by looking for typical symptoms.
Hidden Services Scan - scans for hidden system services.
Shadow SSDT Scan - counterpart to the SSDT Scan, but deals mostly with graphics and window-related functions.
What's New in This Release:-Added: Bypassing of the latest TDSS variants.
-Added: RootRepeal now shows the version on the About page.
-Fixed: Some general bug fixes.
System Requirements:MicrosoftВ® Windows 2008 Server; Windows VistaВ®; Windows XP Professional or Home Edition; Windows 2000 with Service Pack 4; Windows 2003 Server
Note: Only x86 versions of Windows are supported.
128MB of RAM.
600KB of hard-drive space.
Program Release Status: Minor Update
Program Install Support: Install and Uninstall