RootkitRevealer: Difference between revisions
Appearance
Content deleted Content added
undo; not a support forum |
No edit summary |
||
Line 1: | Line 1: | ||
'''RootkitRevealer''' is a proprietary tool for [[rootkit]] detection on [[Microsoft Windows]] by [[Mark Russinovich]] at [[Sysinternals]]. |
'''RootkitRevealer''' is a proprietary tool for [[rootkit]] detection on [[Microsoft Windows]] by [[Mark Russinovich]] at [[Sysinternals]]. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. |
||
It was the tool that first detected [[Sony]]'s [[XCP]] rootkit. |
It was the tool that first detected [[Sony]]'s [[XCP]] rootkit. |
||
Revision as of 07:32, 31 December 2008
RootkitRevealer is a proprietary tool for rootkit detection on Microsoft Windows by Mark Russinovich at Sysinternals. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. It was the tool that first detected Sony's XCP rootkit.