RootkitRevealer

Sysinternals – RootkitRevealer “RootkitRevealer is an advanced root kit detection utility. It runs on Windows NT
4 and higher and its output lists Registry and file system API discrepancies that
may indicate the presence of a user-mode or kernel-mode rootkit.”

This is the first time I’ve seen this. I’ve know about simular things for linux, but now I have something to use on the few Windows Servers.