Rootkit Revealer

Rootkit Revealer


  • File Version: Rootkit Revealer 1.71
  • File Name: RootkitRevealer.zip
  • File Size: 226KB
  • Author: Microsoft SysInternals
  • License: Freeware
  • Updated: January, 17th 2018
  • Requirements: Windows 10 / Windows 8.1 / Windows 8 / Windows 7 / Windows Vista / Windows XP / Windows 7 64 / Windows 8 64 / Windows 10 64

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows XP (32-bit) and Windows Server 2003 (32-bit), and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
RootkitRevealer successfully detects many persistent rootkits including AFX, Vanquish, and Hacker Defender (note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys). If you use it to identify the presence of a rootkit please let us know!
The reason that there is no longer a command-line version is that malware authors have started targetting RootkitRevealer’s scan by using its executable name. We’ve therefore updated RootkitRevealer to execute its scan from a randomly named copy of itself that runs as a Windows service. This type of execution is not conducive to a command-line interface.
Note that you can use command-line options to execute an automatic scan with results logged to a file, which is the equivalent of the command-line version’s behavior.
Available languages: English, French, Spanish, German, Portuguese, Italian, Dutch, Chinese, Japanese.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Leave a Reply

Your email address will not be published. Required fields are marked *