| Name: | NT RootKit |
| Aliases: | |
| Ports: | |
| Files: | Ntrootkit031.zip - 227,075 bytes Deploy.exe - 155,699 bytes_root_.sys - 57,684 bytes _root_.sys - 154,560 bytes _root_cmd.exe -236,304 bytes _root_nc.exe - 59,392 bytes |
| Created: | Dec 1999 |
| Requires: | |
| Actions: | Rootkit / Keylogger |
| NT RootKit includes the functionality to remotely apply patches to existing programs, allowing it to hide processes on the system. It can also hide Registry keys and files. If NT RootKit detects itself being monitored, it may shut down the attacking process and log the user off. | |
| Versions: | 0.31alpha, 0.4 alpha, 0.43, 0.44, |
| Registers: | |
| Notes: | Works on Windows NT and 2000. ˆ Source code is available. |
| Country: | |
| Program: | Written in C/C++. |