Jump to content
CCleaner Community Forums
Icedrake

Anti-Rootkit programs

Recommended Posts

Just downloaded and tried to install Avira Anti-Rootkit Tool. However, couldn't get the Setup.exe file to open. Anyone else have that problem? Or, is there possibly another way to install it?

Share this post


Link to post
Share on other sites
Just downloaded and tried to install Avira Anti-Rootkit Tool. However, couldn't get the Setup.exe file to open. Anyone else have that problem? Or, is there possibly another way to install it?

 

Go with the two I linked or the Panda one. All 3 do not require an install.

Share this post


Link to post
Share on other sites
Just downloaded and tried to install Avira Anti-Rootkit Tool. However, couldn't get the Setup.exe file to open. Anyone else have that problem? Or, is there possibly another way to install it?

Is it an executable also?As a matter of fact, aren't they all?

:) davey

Share this post


Link to post
Share on other sites
Just downloaded and tried to install Avira Anti-Rootkit Tool. However, couldn't get the Setup.exe file to open. Anyone else have that problem? Or, is there possibly another way to install it?

Maybe it was corrupted during the download. I've used it and removed it.

 

The one I really like is Panda Anti-Rootkit, it will even check for an update before scanning.

 

Many of the free anti-rootkit scanners haven't been updated for months!

Share this post


Link to post
Share on other sites

IceSword is pretty good, but detects many processes that are harmless. Info and a download link:

http://www.castlecops.com/t165203-IceSword...llustrated.html

 

SpyBot S&D is getting into rootkit finding; they describe their present app as "a work in progress". Info and a download link:

http://forums.spybot.info/showthread.php?t=24185

 

Sophos has a good one. You have to register to download it:

http://www.sophos.com/products/free-tools/...ti-rootkit.html

 

Sysinternals has a good one: RootKit Revealer. Info and a download link:

http://technet.microsoft.com/en-us/sysinte...s/bb897445.aspx

 

None of the above require installation, all are free. :) I just use them to find out whats going on in my computer...never have found anything ugly, thank goodness. Would have to get expert help if an actual rootkit showed up. You have to be careful, a lot of processes that look scary are really legitimate.

 

Also I think you do have to install the Avira RKD, but no reboot is required.

Share this post


Link to post
Share on other sites
Also I think you do have to install the Avira RKD, but no reboot is required.

It does have to be installed. ;)

 

Some of those others that claim they can just be ran without installing are actually adding stuff onto the system like adding a line into a Windows .ini file like win.ini, etc.,, or writing stuff into the registry.

Share this post


Link to post
Share on other sites
IceSword is pretty good, but detects many processes that are harmless. Info and a download link:

http://www.castlecops.com/t165203-IceSword...llustrated.html

 

SpyBot S&D is getting into rootkit finding; they describe their present app as "a work in progress". Info and a download link:

http://forums.spybot.info/showthread.php?t=24185

 

Sophos has a good one. You have to register to download it:

http://www.sophos.com/products/free-tools/...ti-rootkit.html

 

Sysinternals has a good one: RootKit Revealer. Info and a download link:

http://technet.microsoft.com/en-us/sysinte...s/bb897445.aspx

 

None of the above require installation, all are free. :) I just use them to find out whats going on in my computer...never have found anything ugly, thank goodness. Would have to get expert help if an actual rootkit showed up. You have to be careful, a lot of processes that look scary are really legitimate.

 

Also I think you do have to install the Avira RKD, but no reboot is required.

 

 

Some of those ones you mentioned are for advanced users. You need to know what you are doing with them. Panda and Blacklight are very easy to use.

Share this post


Link to post
Share on other sites
It does have to be installed. ;)

 

Some of those others that claim they can just be ran without installing are actually adding stuff onto the system like adding a line into a Windows .ini file like win.ini, etc.,, or writing stuff into the registry.

 

You are quite right, Andavari. But none of those I listed change the registry very much as far as I can tell, nor compromise performance after they are run. Sophos does add a stubborn key: HKLM\...\LEGACY_MEMSWEEP2, but no harm done as I can tell.

 

Anthony_A is right too. You gotta know what you're doing. Expert help is called for if you think you have found a rootkit. If it was easy everybody would be doin' it. :)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...