prasiddutta

Anti-Rootkit

Hello,
I need anti-rootkit source in Delphi. Can anyone help me? A good presentation would be appreciated.

prasid
moorhouselondon

Guessing here, but the idea of root-kit checking is that the standard libraries and hooks that the OS uses to do standard things are bypassed in order to check their integrity.  Delphi probably has no method of bypassing those without writing big chunks of assembler code.  In other words I don't think Delphi is the right tool for this job.
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

A concrete example of what I referred to in my above comment is given in the above link. If the OS FindFirstFile/FindNextFile API has been subverted by a rootkit then the anti-rootkit detector has to use a different means to emulate the FindFirstFile/FindNextFile API. Delphi tends to put a friendly wrapper around these APIs to make them easy to use, but that is not what is needed for this type of application.
prasiddutta (ASKER)

This example doesn't help me. But thanks, I got a good tool.
>I got a good tool.

A Delphi tool?
No no, the link you provided. This is a good tool.
Yes, the tools that Sysinternals wrote are so good that Microsoft bought the company.
MvanderKooij
In fact Delphi is just as good as C++ in this context. Both need assembly code to do the stuff. No one forces you to use the VCL in Delphi, it is just a lot easier....
I know Delphi can help me a lot. Can anyone help me? Please.
I am still waiting for a good and helpful answer.
(1) Delphi is not the language to use for this type of application.

(2) The code that makes up such an application has to second-guess hackers, crackers, malware writers around the world. If the question "How Do I...?" has to be asked then, with all due respect, the person asking that question needs to choose a more modest target. To write anti-malware one needs to think like a malware author.