Packed Driver Detector

What does this thing do?

Drivers are system files that are used in kernel mode to execute system code. Rootkits use a driver (.sys) file to subvert the Windows kernel and hide their presence in the system. Recent rootkits have begun packing and/or encrypting their driver files to make them harder to detect.

What do I do if the tool finds a packed driver? f the tool identifies any packed drivers, don't panic. Please email the detected driver files to submit@trojanhunter.com along with your scan log. We will analyze the files for you and tell you if they really are something to worry about.