Jump to content

RootkitRevealer: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
undo; not a support forum
No edit summary
Line 1: Line 1:
'''RootkitRevealer''' is a proprietary tool for [[rootkit]] detection on [[Microsoft Windows]] by [[Mark Russinovich]] at [[Sysinternals]].
'''RootkitRevealer''' is a proprietary tool for [[rootkit]] detection on [[Microsoft Windows]] by [[Mark Russinovich]] at [[Sysinternals]]. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
It was the tool that first detected [[Sony]]'s [[XCP]] rootkit.
It was the tool that first detected [[Sony]]'s [[XCP]] rootkit.



Revision as of 07:32, 31 December 2008

RootkitRevealer is a proprietary tool for rootkit detection on Microsoft Windows by Mark Russinovich at Sysinternals. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. It was the tool that first detected Sony's XCP rootkit.