MZReveal: Attackers use too many tricks to mask malicious executables. Their goal is to trick unsuspecting users to run them on their computer.
A common method to hide known file types in Windows is to use the Right to Left Override trick to reverse the file name without modifying the file itself.
Today's protection software can detect some of these efforts and prevent them, but there are also efforts that are not immediately detected.
The free MZReveal program scans the root directory and all subdirectories automatically searching for hidden executable files.
The program is portable and you can run it from Windows Explorer without installing it.
Scanning is very fast, it took less than half a second to scan more than 3000 files, for example.
Results appear on the command line screen, but the window closes seconds later, which means you can not see them on your screen.
The MZRevealer creates a log file in the root right after the scan that you can open with any program processingof text to check the results.
The log file lists all the hidden executable files and their path to the system. Note that the program also scans for PE (Portable Executable) so it will not only scan for .exe and .dll files but also for many other formats, such as screensavers and drivers.
If something seems suspicious, you can scan it locally or in Virustotal, to make sure it is your file is clean and has no malicious character.
The developer reports that the program will begin to be updated in the future with additional options.
SHA2: 34ee677d932aa4cf2f683055b39653e47eb21eb9fd89e9e2719bb9e4486b1590
Compatible with Windows XP, 7, 8, 2003, 2008, 2012.