ALL >> Computers >> View Article
How Does Rootkitrevealer V1.71 Systinternal Work To Make Your Pc Safe From Rootkit?
Have you heard of Rootkit? If you know about it then you also understand the crucial need of protecting your PC from Rootkits. And if you don’t know about it then you can understand this as malicious software that an attacker can install on your PC after gaining the administrator access.
Why Rootkits are Malicious?
Rootkit is considered malicious because it can install malware, viruses, spyware, and Trojans, on your PC and keep those hidden from being detected by antivirus, spyware blockers and system management utilities. Rootkit also exerts another danger under which it intercepts data from terminals, keyboards, network connections, etc.
There are different methods through which Rootkits can evade detection. The main method through which it manages to avoid detection is either by surviving reboot or by executing in kernel mode or user mode. Rootkit gets activated each time your PC boots up and most importantly its activation process gets completed much before the boot up process of the system. In this way, Rootkit remains hidden in a PC and can’t be detected through normal processes.
How RootkitRevealer ...
... Works?
RootkitRevealer v1.71 is a Sysinternals security utility that can conveniently detect the deep hidden Rootkits on your PC. This utility was created by Bryce Cogswell and Mark Russinovich. It runs on Windows Server 2003 (32-bit) and Windows XP (32-bit).
This utility can’t be run using command-line options because of change in its programming. The need for this change arises from the fact that malware and virus creators have taken precautionary measures to make the Rootkits survive the RootkitRevealer's scan. Earlier the scan was run using the executable name to which Rootkits have become immune. Owing to this, RootkitRevealer has been updated to v1.71. This new version executes its scan by using randomly named copy of itself, which runs in the system as a Windows service. On being executed in this way, malware and viruses fail to indentify the RootkitRevealer and fall to its prey.
Different Types of Rootkits
Rootkits can be categorized into different types based on whether the malware is capable of surviving the system reboot or it can execute in the user mode or kernel mode.
Persistent Rootkit: A persistent Rootkit installs the malware that get activated every time you boot up your system.
Memory-Based Rootkit: These kinds of Rootkits are associated to malware which have no persistent code and hence fail to survive a reboot.
User-mode Rootkit: User-mode Rootkit intercepts the calls to the Windows FindFirstFile/FindNextFile APIs and can modify the output. They use Explorer and command prompt to itemize the contents of file system directories and return intercepted results.
Kernel-mode Rootkit: These Rootkits are even more powerful than user-mode ones because they cannot just intercept the native API in kernel-mode, but can also directly influence the structures of kernel-mode.
Can a Rootkit hide from RootkitRevealer?
A Rootkit can hide from RootkitRevealer scan if it succeeds to read RootkitRevealer's Registry hive data and manages to change the Registry data. However, to do this, high level of sophistication is required which is yet not easy to do because changing the data would require absolute knowledge of NTFS, FAT and Registry hive formats. Also high knowledge is required for changing data structures. So, in short it can be said that although theoretically it is possible that a Rootkit can hide from RootkitRevealer, but actually making it happen is difficult.
So, RootkitRevealer v1.71 is the best possible tool available till date that will allow you to keep your PC protected from Rootkits. You can download this from the Sysinternals section of TechNet website and keep your PC protected from the affects of Rootkits.
About the Author: Brooke M. Perry is an ardent technician associated with Qresolve computer security, with wide experience of fixing issues with PCs, laptops, tablets and smartphones. With a strong track record of devising effective ways of android tablet support and system security, she has so far helped thousands of users across the globe. Her writings on tech issues are the reflection of her in-depth interest and command she carries as a online pc repair technician. Her blogs and articles have been rated high for their lucid style and easy to understand language.
Add Comment
Computers Articles
1. Conversational Ai In Intelligent Contact Centers: Market Outlook And Future Growth To 2028Author: Umangp
2. Unlock Phone Near Me
Author: Real Mobile Repair
3. Ai-native Networking Platforms Market : Transforming Enterprise Network Management
Author: Umangp
4. How To Retain Top App Developers In Your Company?
Author: brainbell10
5. Get Fast Laptop & Mobile Repair And Replacement Services In Abu Dhabi With Total Care Repair
Author: Total Care
6. Top 5 Clinical Trial Management Platforms Used By Pharma Companies
Author: Giselle Bates
7. Seo Company | Alphaadtech – Expert Seo Solutions To Grow Your Business Online
Author: AlphaAdTech helps businesses improve Google rankin
8. How To Secure Your Wordpress Site?
Author: brainbell10
9. Mongodb Tutorial With Practical Examples: Master Nosql Database Step By Step
Author: Tech Point
10. Mysql Tutorial: The Complete Guide To Learning Mysql From Beginner To Advanced
Author: Tech Point
11. Spark Matrix™: Privileged Access Management (pam)
Author: Umangp
12. How To Select Technologies For The Project?
Author: brainbell10
13. How To Set Up Infinite Scroll With Wordpress?
Author: brainbell10
14. Ai Transformation Beyond The Hype: Why Enterprises Must Rethink Business, Not Just Technology
Author: Umangp
15. Pos Dealers In Vizag: Complete Business Solutions
Author: pbs






