Description: BlackReleaver is a ring 0 rootkit that can hide files, processes, drivers, registry keys, and more. It uses an inline hook on many ring 0 functions.
To Search:
File list (Check if you may need any files):
bin
readme.txt
src
...\control
...\.......\control.cpp
...\.......\control.ncb
...\.......\control.sln
...\.......\control.suo
...\.......\control.vcproj
...\.......\debug.cpp
...\.......\debug.h
...\.......\ntdll.h
...\.......\ntdll.lib
...\.......\Release
...\.......\rootkit.cpp
...\.......\rootkit.h
...\debug.h
...\drvcomm.h
...\drvhide.c
...\drvhide.h
...\MAKEFILE
...\rootkit.c
...\sources
...\undocnt.h
...\zdisasm.c
...\zdisasm.h