ALL >> Computers >> View Article
How Does Rootkitrevealer V1.71 Systinternal Work To Make Your Pc Safe From Rootkit?

Have you heard of Rootkit? If you know about it then you also understand the crucial need of protecting your PC from Rootkits. And if you don’t know about it then you can understand this as malicious software that an attacker can install on your PC after gaining the administrator access.
Why Rootkits are Malicious?
Rootkit is considered malicious because it can install malware, viruses, spyware, and Trojans, on your PC and keep those hidden from being detected by antivirus, spyware blockers and system management utilities. Rootkit also exerts another danger under which it intercepts data from terminals, keyboards, network connections, etc.
There are different methods through which Rootkits can evade detection. The main method through which it manages to avoid detection is either by surviving reboot or by executing in kernel mode or user mode. Rootkit gets activated each time your PC boots up and most importantly its activation process gets completed much before the boot up process of the system. In this way, Rootkit remains hidden in a PC and can’t be detected through normal processes.
How RootkitRevealer ...
... Works?
RootkitRevealer v1.71 is a Sysinternals security utility that can conveniently detect the deep hidden Rootkits on your PC. This utility was created by Bryce Cogswell and Mark Russinovich. It runs on Windows Server 2003 (32-bit) and Windows XP (32-bit).
This utility can’t be run using command-line options because of change in its programming. The need for this change arises from the fact that malware and virus creators have taken precautionary measures to make the Rootkits survive the RootkitRevealer's scan. Earlier the scan was run using the executable name to which Rootkits have become immune. Owing to this, RootkitRevealer has been updated to v1.71. This new version executes its scan by using randomly named copy of itself, which runs in the system as a Windows service. On being executed in this way, malware and viruses fail to indentify the RootkitRevealer and fall to its prey.
Different Types of Rootkits
Rootkits can be categorized into different types based on whether the malware is capable of surviving the system reboot or it can execute in the user mode or kernel mode.
Persistent Rootkit: A persistent Rootkit installs the malware that get activated every time you boot up your system.
Memory-Based Rootkit: These kinds of Rootkits are associated to malware which have no persistent code and hence fail to survive a reboot.
User-mode Rootkit: User-mode Rootkit intercepts the calls to the Windows FindFirstFile/FindNextFile APIs and can modify the output. They use Explorer and command prompt to itemize the contents of file system directories and return intercepted results.
Kernel-mode Rootkit: These Rootkits are even more powerful than user-mode ones because they cannot just intercept the native API in kernel-mode, but can also directly influence the structures of kernel-mode.
Can a Rootkit hide from RootkitRevealer?
A Rootkit can hide from RootkitRevealer scan if it succeeds to read RootkitRevealer's Registry hive data and manages to change the Registry data. However, to do this, high level of sophistication is required which is yet not easy to do because changing the data would require absolute knowledge of NTFS, FAT and Registry hive formats. Also high knowledge is required for changing data structures. So, in short it can be said that although theoretically it is possible that a Rootkit can hide from RootkitRevealer, but actually making it happen is difficult.
So, RootkitRevealer v1.71 is the best possible tool available till date that will allow you to keep your PC protected from Rootkits. You can download this from the Sysinternals section of TechNet website and keep your PC protected from the affects of Rootkits.
About the Author: Brooke M. Perry is an ardent technician associated with Qresolve computer security, with wide experience of fixing issues with PCs, laptops, tablets and smartphones. With a strong track record of devising effective ways of android tablet support and system security, she has so far helped thousands of users across the globe. Her writings on tech issues are the reflection of her in-depth interest and command she carries as a online pc repair technician. Her blogs and articles have been rated high for their lucid style and easy to understand language.
Add Comment
Computers Articles
1. Scraping Dan Murphys Liquor Products Details DataAuthor: FoodDataScrape
2. Blue Wizard Liquid Drops 30 Ml 2 Bottles Price In Lahore
Author: bluewizard.pk
3. How Does Blockchain Resolve Data Privacy And Security Issues For Businesses?
Author: Severus Snape
4. Scrape Quick-commerce Data From Deliveroo Hop Uae
Author: FoodDataScrape
5. Web Scraping Quick-commerce Data From Noon Minutes Uae
Author: FoodDataScrape
6. Helical Insight: Best Open Source Data Visualization Tool In 2025
Author: Vhelical
7. Scrape Top Selling Grocery Product Data From Walmart Usa
Author: FoodDataScrape
8. Extract Quick Commerce Data From Flipkart Minutes
Author: FoodDataScrape
9. Refurbished Laptop Scams And How To Safely Buy A Trusted Device
Author: Sujtha
10. Web Scraping Freshco Supermarket Product Data In Canada
Author: FoodDataScrape
11. How To Compare Two Lists In Excel: A Definitive Guide For Data Professionals
Author: blackjack
12. Monthly Updated Uber Eats Menu Dataset For 500k+ Restaurants
Author: FoodDataScrape
13. Extract Mcdonalds Store Locations Data In Usa For Competitiveness
Author: FoodDataScrape
14. Scrape Spicy Food Trend Data In Usa 2025 For Competitive Advantage
Author: FoodDataScrape
15. Why Startups Should Invest In Custom Software Development Service
Author: Albert