Introduction

Rootkit Revealer

RootkitRevealer

Copyright © 2005 Mark Russinovich and Bryce Cogswell

Sysinternals - www.sysinternals.com

RootkitRevealer is an advanced root kit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.  If you use it to identify the presence of a rootkit please let us know!