RootkitRevealer: Difference between revisions
Appearance
Content deleted Content added
No edit summary |
FleetCommand (talk | contribs) Added {{Microsoft Security Products}} |
||
Line 12: | Line 12: | ||
[[Category:Windows-only software]] |
[[Category:Windows-only software]] |
||
{{Microsoft Security Products}} |
|||
{{software-stub}} |
{{software-stub}} |
||
Revision as of 07:57, 13 October 2009
RootkitRevealer is a proprietary tool for rootkit detection on Microsoft Windows by Mark Russinovich at Sysinternals. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. It does not support 64-bit Windows systems. It was the tool that first detected Sony's XCP rootkit.