Anti-Rootkits

Posted by Sheffin



logo


IceSword

IceSword - A very useful rootkit scanner and system information utility
IceSword is a very powerful software application that will scan your computer for rootkits.

IceSword also displays all the hidden processes and resources of your system that you would never find in any other Windows Explorer like program.

IceSword will protect your computer against rootkits and won't allow them to infect your system.

Due to the great amount of information presented in the application, you can easily realize that IceSword was designed for more advanced users and advanced rootkit removal
Win 2000/XP/2003


download button
Download
2.2 MB
www
logo

Sophos Anti-Rootkit
Sophos Anti-Rootkit will find and remove any rootkit


Sophos Anti Rootkit description
Sophos Anti-Rootkit eliminates hidden applications and processes
Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care.

Sophos Anti-Rootkit will find and remove any rootkit that is hidden on your computer.

The term rootkit is used to define a Trojan (or technology) used to hide the presence of a malicious object (process, file, registry key, network port) from the computer user or administrator.

Here are some key features of "Sophos Anti Rootkit":

· Scans running processes, windows registry and local hard drives for rootkits.
· Identifies known rootkits and selects, by default, files for removal which will remove the rootkit component of the malware without compromising OS integrity.
· Allows users to remove unidentified hidden files, but does not allow removal of essential system files when hidden by an identified rootkit.
· Once the user has run a scan, the screen prompts the user through the necessary steps until every rootkit has been removed.
· Users can switch between the GUI and command-line functionality.
· Both context sensitive and command-line help are available
Win 2000/XP

download button
Download
1.2 MB
www
logo

DarkSpy Anti-Rootkit

DarkSpy(Freeware) Anti-Rookit is a powerful tool for rootkit detection. DarkSpy is a multiway-based detection tool . It internally combines many effective detection techniques, including DarkSpy's own handlers and also methods used by other famous tools.
Win 2000/XP/2003

download button
Download
627 KB
www
logo

Panda Anti-Rootkit

Panda Anti-Rootkit is a program that uses latest generation technology to detect and remove rootkits
Panda Anti-Rootkit was designed to be a small application that will use the latest generation technology to detect and remove rootkits on your system. Rootkits are programs designed to hide processes, files or Windows Registry entries.

This type of software is used by hackers to hide their tracks or to insert threats surreptitiously on compromised computers. There are types of malware that use rootkits to hide their presence on the system.

Rootkits use sophisticated techniques to avoid being detected by antivirus solutions. To combat this new threat Panda Software has developed Panda Anti-Rootkit
Win 2000/XP

download button
Download
305 KB
www
logo

McAfee Rootkit Detective

McAfee Rootkit Detective will proactively detect and clean rootkits that are running on the system
McAfee Rootkit Detective Beta is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system.

McAfee Rootkit Detective should only be used by knowledgeable individuals at the direction of, and with the support of, a representative from McAfee Avert Labs or McAfee Technical Support. Improper usage of this tool could result in damage to your applications or operating system.

Here are some key features of "McAfee Rootkit Detective":

· Designed to proactively detect the system objects like processes, files and registry that are hidden to the user
· Provides information about all running processes in the system
· Provides information about various system hooks like SSDT(System Service Descriptor Table) hooks, user/kernel IAT/EAT(Import/Export Address Table) hooks
· Allows the user to clean/remove the malicious objects from the system by renaming/deleting the hidden files/registry

· Allows the user to terminate the malicious processes
· Users can submit samples using the submission feature present in the tool
· Users can also collect the samples manually after renaming them and Avert Labs for further analysis
Win 2000/XP/2003

download button
Download
1.5 MB
www
logo

Lavasoft ARIES Rootkit Remover

The ARIES Rootkit Remover was desgined tolocate and permanently remove the Sony rootkit from the system
The ARIES Rootkit Remover was desgined to locate and permanently remove the Sony rootkit from the system and disable the
rootkit's ability to run once more after reboot.

This standalone tool is a reliable, trustworthy, and safe way of removing the rootkit--unlike Sony's own rootkit remover that has been known to cause blue screens.

This primarily protects consumers and ensures privacy. The tool is developed by Lavasoft in line with our common goals to steer computing environment towards better standards
Win 95/98/Me/NT/2000/XP

download button
Download
369 KB
www
logo

F-Secure BlackLight
Rootkit Elimination


F-Secure BlackLight Rootkit Elimination Technology detects objects that are hidden from users and security tools and offers the user an option to remove them. The main purpose is to fight rootkits and all kinds of malware that use rootkits. The F-Secure BlackLight Rootkit Elimination Technology works by examining the system at a deep level. This enables BlackLight to detect objects that are hidden from the user and security software.

What are the key benefits of F-Secure BlackLight Rootkit Elimination Technology?
F-Secure BlackLight can detect and eliminate active rootkits from the computer. Traditional antivirus scanners can't detect active rootkits.
On a normal system F-Secure BlackLight does not confront the user with a long list of suspected objects. This makes F-Secure BlackLight useful even for non-technical users.
F-Secure BlackLight Rootkit Elimination Technology can be used in the background during normal system operation. Other available scanners require a reboot during scan or may produce false positives if the system is used during scanning.

For whom is F-Secure BlackLight intended?
F-Secure BlackLight is intended for all computer users who want additional security by checking their system for rootkits. F-Secure BlackLight is suitable for use in both home and business environments
Win 2000/XP

download button
Download
995 KB
www
logo

RootKit Hook Analyzer

RootKit Hook Analyzer is a security tool which will check if there are any rootkits installed on your computer which hook the kernel system services.

Kernel RootKit Hooks are installed modules which intercept the principal system services that all programs and the operating system rely on.

If any of these system services are intercepted and modified it means that there is a possibility that the safety of your system is at risk and that spyware, viruses or malware are active.
Win 98/ME/NT/2000/XP

download button
Download
848 KB
www
logo

Rootkit Hunter 1.3.0 beta

Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files

Rootkit Hunter is released as GPL licensed project and free for everyone to use
Linux and BSD

download button
Download
242 KB
www
logo

RootkitRevealer

RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.

RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys). If you use it to identify the presence of a rootkit please let us know!

The reason that there is no longer a command-line version is that malware authors have started targetting RootkitRevealer's scan by using its executable name.
We've therefore updated RootkitRevealer to execute its scan from a randomly named copy of itself that runs as a Windows service.
This type of execution is not conducive to a command-line interface.

Note that you can use command-line options to execute an automatic scan with results logged to a file, which is the equivalent of the command-line version's behavior
Win NT/2000/XP

download button
Download
226 KB
www
logo

OS X Rootkit Hunter

OS X Rootkit Hunter is based on Michael Boelen`s "rootkit hunter" but little modified for easier/better usability on Mac OS X.

OS X Rootkit Hunter is scanning tool to detect nasty tools on your Mac. This tool scans for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary file
Mac OS X 10.4 or later

download button
Download
768 KB
www



Labels:

0 comments: