Quality Rootkit Detection Tools

Discussion in 'Windows Desktop Systems' started by kcnychief, Jul 16, 2006.

  1. kcnychief

    kcnychief Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    I read a very nice article on Rootkit detection recently, and wanted to pass along some of the suggested scanners to others :)

    F-Secure Blacklight:
    https://europe.f-secure.com/blacklight/

    GMER:
    http://www.gmer.net/

    HOOK Explorer: (actually checks to see if files have hidden themselves behind legit programs)
    http://labs.idefense.com/releases/previews/HookExplorer/

    IceSword: Rumored to be the best out there atm
    http://xfocus.net/tools/200605/1162.html

    Sysinternals RootKitRevealer:
    http://www.sysinternals.com/Utilities/RootkitRevealer.html

    I'm going to play with each one a bit and see how I like them :D
     
  2. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    Hey KC, I tried out both IceSword and HOOK Explorer. Did you manage to try out the other two?
     
  3. kcnychief

    I have made it a point to play with all of them on varying levels, good stuff :D
     
  4. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    I've seen the Blacklight, but I am hearing very good things about IceSword.