Microsoft SysInternals - (Freeware)
RootkitRevealer is a rootkit detection utility that can help in detecting system API discrepancies.
RootkitRevealer is a rootkit detection utility that can detect rootkits (hidden spyware) on the computer. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
The software can run a manual scan of the system and offers a few options : whether to display standard NTFS and enable / disable the scan of the registry data.It successfully detects many persistent rootkits including AFX, Vanquish and HackerDefender.
An automatic scan can also be run through command line parameters , eg "RootkitRevealer -a" launch the software and automatically exits after the scan. The result consists in detecting thedifferences between the reality of the system and API (theone that Windows sees). It then displays a list of entries that seem strange to him. User can then determine whether these differences are normal or abnormal.
* HTML5 videos now feature Show Statistics and Save Snapshot As in their context menus.
* Add-ons that are installed into the shared user and shared system areas now get disabled by default. If you schedule a new add-on for installation by copying it to the profile's extensions folder, a new in-content UI appears now.
* Sync dialogs should now persist their position.
* Sync dialogs look more similar now.
* The MailNews Advanced Search dialog now supports keys for marking as read, flagged or tagged.
* Internet searches started from the context menu now open in a new tab (as opposed to a new window) by default.
* The Add-ons Manager and Data Manager now open according to Link Behavior preferences (i.e. in a window if the user chose so).
* The default theme supports small icons for the Address Book toolbar now.
* Custom news message filters support "doesn't contain" and "isn't" now.