
10 more Sysinternals tools to simplify routine Windows admin tasks

RootkitRevealer

When looking at this utility, it seemed to be a no-brainer to include it here, but it seems to work only on 32-bit systems prior to Win 7. It also runs as a randomly named service when executed (for the duration of execution) to reduce the possibility of being hijacked by a rootkit. I am hoping that the team behind Sysinternals releases a Win 7-ready version of this tool very soon.

The utility can be started from the command line or with a double-click, and it detects places where rootkits might be hiding on your system. Is it perfect? No, but it does a pretty thorough job.

The screenshot was taken on a 32-bit Windows XP VM with very little more than Windows updates applied.

By Derek Schauland

Derek Schauland has been tinkering with Windows systems since 1997. He has supported Windows NT 4, worked phone support for an ISP, and is currently the IT Manager for a manufacturing company in Wisconsin.