In 2007 I created a tool to detect certain known rootkits. The tool was created to solve the problem that a lot of helpers in the antimalware communities did not know how to detect these rootkits, and Rootchk could then help by checking for the most common infections.

The tool is essentially built around chkdrv.exe, which is a tool to determine if certain rootkits are present — either as hidden or visible drivers. Rootchk is furthermore a batch script that runs through a huge whitelist of rootkit drivers.

By the end of 2007 I stopped updating the tool. It is thus mainly of historical interest. It can still be downloaded — but don’t trust the verdict too firmly: LINK