Scans persistent storage to detect the presence of rootkit forensics

Usage Guide

RootkitRevealer is a GUI application that launches a registry scan using the Windows API and a low-level direct scan of file system storage used by the registry to detect inconsistencies. If detected, it analyses and reports these as potential manipulation of the Windows API by a rootkit.

Tool Data

Operating Platform:Windows
Diagnostic Target:OS - Security
Tool Executable:See documentation, RootKitRevealer runs under a different random image name each time it is launched
Obtain From:Sysinternals
Web Links:

Results for Tools search

You entered the search string "".
No results were returned for this string.

Copyright © 1997 - 2016 Mission Pacific Pty Ltd. All rights reserved. ezcom, the ez logo and hard tech cafe are registered trademarks of Mission Pacific Pty Ltd. Designed for firefox and safari. Sitemap