MZReveal: Attackers use a lot of tricks to disguise malicious executable files. Their goal is to trick unsuspecting users into running them on their computer.
A common method of hiding known types of files in Windows is the use of the Right to Left Override Trick, which reverses part of the file name without modifying the file itself.
Current software can detect some of these efforts and prevent them, but there are also efforts that are not immediately detected.
The program is portable and you can run it from Windows Explorer without installation.
Scanning is very fast, it took less than half a second to scan more than 3000 files, for example.
Results appear on the command line screen, but the window closes seconds later, which means you can not see them on your screen.
The MZRevealer creates a root log immediately after the scan you can open with any text editor to test the results.
The log file lists all the hidden executable files and their path to the system. Note that the program also scans for PE (Portable Executable) so it will not only scan for .exe and .dll files but also for many other formats, such as screensavers and drivers.
If something seems suspicious, you can scan it locally or in Virustotal, to make sure it is your file is clean and has no malicious character.
The developer reports that the program will begin to be updated in the future with additional options.
Compatible with Windows XP, 7, 8, 2003, 2008, 2012.
Very fast and portable. Unscaled scans on your computer's resources.
A tool that runs with command-line without UI is not recommended for novice users