Get our Latest Finds
Subscribe to our RSS feed or enter your email address below to get the feed delivered to you by email:
Follow Gizmo
Using this Site
Top Rated
Gizmo's Freeware is Recruiting
We are currently looking for people with skills and/or interest in the following areas:
- Rootkit Scanner and Remover
- Web Browser for Android
If this sounds like you then click here for more details
workspace-gizmo
|
In a Hurry?
|
 Go straight to the Quick Selection Guide |
|
Introduction
|
| Rootkits are a special kind of software tool used to hide trojans, viruses and other malware from your anti virus scanner and other security products. Unfortunately, they are extremely effective, which means that some of you who are reading this will be infected, even though you believe your PC to be totally clean. Thankfully, there is a new class of security product now available, called "rootkit detectors", that use specialized techniques to detect these dangerous intruders.. |
|
Discussion
|
|
Most of these detectors require quite a bit of technical skill to interpret the results, but two of the simplest to use are also amongst the most effective. The first is called Panda Anti Rootkit. It's my top recommendation for average users because it's not only good at detecting rootkits, but it's also quite effective at removing them. As a bonus, it's small and doesn't require installation, although you do have to register at the Panda website before you can download it. I suggest that all of you download this product and scan your PCs. The chances of you being infected are small, but for five minutes work it's well worth eliminating the risk. Panda Anti Rootkit will detect most rootkits missed by AV scanners, but it can't provide perfect detection; no rootkit detector can. That's why I suggest you use more than one. If you are an experienced user, you should check out Sysinternals RootkitRevealer. It uses a totally different technique than Panda Anti Rootkit and BlackLight, and by using all three products together you'll be getting excellent overall detection. RootkitRevealer is more complex to use than BlackLight, and is a bit prone to false positives, so take care before you delete detected items. For experienced users, my top recommendation is GMER, although you will need to read the documentation carefully before using this one. I like this product a lot but it's not for everyone. So if you are the type that simply likes to press the "scan" button, then stick with Panda Anti Rootkit ;>) Currently, two of the biggest guns in the rootkit detection war are the free Chinese products IceSword and DarkSpy. They are not really detectors like the other products, Rather, they offer a set of tools that can help reveal the presence of a rootkit. These tools include a special process viewer, startup manager and port enumerator that are not fooled by rootkits. It's left to the user, though, to interpret the results. In the hands of a skilled user, these are powerful tools, but are not of much use to beginners. The Chinese download sites are slow, so I've given local download links. The reality is that at the present time, full protection against rootkits may require the use of multiple products, and complete removal may require a system rebuild. For more details, see my introductory article on rootkits. |
|
||||||||||||||||||||||||
| Insert a table row for each product here (remove/replace the row with this text). Create each row with the create-details.php script... | ||||||||||||||||||||||||
1.08 
Unrestricted Freeware 
Windows 2000 - XP
- Article type:
Printer-friendly version