RootkitRevealer
{{multiple issues|{{refimprove|date=June 2014}}
{{primary sources|date=July 2015}}}}
{{Infobox software
| name = Sysinternals RootkitRevealer
| logo =
| screenshot =
| caption =
| collapsible =
| author =
| developer = Bryce Cogswell and Mark Russinovich
| released =
| discontinued = yes
| latest release version = 1.7
| latest release date = {{start date and age|2006|11|1}}
| latest preview version =
| latest preview date =
| programming language = Microsoft C++{{rp|07:08}}
| operating system = Windows XP and Windows Server 2003
| platform = IA-32
| size = {{Nowrap|231 KB}}
| language = English
| genre = Security software
| license = Closed-source freeware
| website = {{URL|https://technet.microsoft.com/en-us/sysinternals/bb897445}}
}}
RootkitRevealer is a proprietary freeware tool for rootkit detection on Microsoft Windows by Bryce Cogswell and Mark Russinovich.{{cite book |last=Kleiman |first=D. |url=https://books.google.com/books?id=F4Cw4ny6nNQC&pg=PA143 |title=Winternals Defragmentation, Recovery, and Administration Field Guide |last2=Hunter |first2=L.E. |publisher=Syngress |year=2006 |isbn=978-0-08-048987-2 |page=143 |access-date=2025-02-28}}{{cite book |last=Pyles |first=J. |url=https://books.google.com/books?id=GOKRkCVsa0sC&pg=PT380 |title=PC Technician Street Smarts: A Real World Guide to Comptia A+ Skills |publisher=John Wiley & Sons, Incorporated |year=2009 |isbn=978-0-470-59351-6 |series=Serious skills |page=380 |access-date=2025-02-28}}{{cite book |last=Todd |first=A. |url=https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_6.pdf |title=Advances in Digital Forensics III |last2=Benson |first2=J. |last3=Peterson |first3=G. |last4=Franz |first4=T. |last5=Stevens |first5=M. |last6=Raines |first6=R. |date=2007 |publisher=Springer New York |isbn=978-0-387-73741-6 |volume=242 |publication-place=New York, NY |page=89–105 |chapter=Analysis of Tools for Detecting Rootkits and Hidden Processes |doi=10.1007/978-0-387-73742-3_6 |access-date=2025-02-28 |doi-access=free}} It runs on Windows XP and Windows Server 2003 (32-bit-versions only). Its output lists Windows Registry and file system API discrepancies that may indicate the presence of a rootkit. It is the same tool that triggered the Sony BMG copy protection rootkit scandal.{{cite news
|last=Russinovich
|first=Mark
|title=Sony, Rootkits and Digital Rights Management Gone Too Far
|url=http://blogs.technet.com/b/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx
|accessdate=10 November 2011
|newspaper=Mark's Blog
|date=31 October 2005 }}
RootkitRevealer is no longer being developed.{{cite video
|title=Mark Russinovich and Aaron Margosis: Introducing Windows Sysinternals Administrator's Reference
|url=http://channel9.msdn.com/posts/Mark-Russinovich-and-Aaron-Margosis-Introducing-Windows-Sysinternals-Administrators-Reference
|work=Channel 9
|publisher=Microsoft Corporation
|accessdate=10 November 2011
|date=28 July 2011
|first1 = Mark
|last1 = Russinovich
|first2 = Aaron
|last2 = Margosis
}}{{rp|08:16}}
See also
References
{{Reflist}}
{{Microsoft Security Products}}
Category:Computer security software
Category:Windows security software
Category:Windows-only freeware
Category:Rootkit detection software
{{Windows-software-stub}}