Any rootkit prevention, detection and/or repair suitable for use by the average user?

Discussion in 'Computer Security' started by Blue Event Horizon, Aug 12, 2006.

  1. Using Windows XP Media Center Edition 2005 on a computer I've only had
    about a month after 6 1/2 years using another computer with Windows ME
    so I'm still learning about my OS and rootkits have just really come
    to my attention recently. Also now DSL instead of dialup, if that
    matters. Kerio 2.1.5 firewall, AVG Free antivirus, currently using
    Ad-Aware, Spybot, ewido antispyware products (ewido is new to me).

    Are there any programs/tools/whatever suitable for average
    (unsophisticated, ignorant or however you care to characterize us)
    users to prevent, detect and/or repair rootkit threats and problems?
    Preference for freeware and GUI.

    Blue Event Horizon, Aug 12, 2006
  2. nemo_outis Guest

    All the following require a modicum of intelligence:


    F-secure BlackLight

    IceSword (arguably the best but also the geekiest) [English download mirror]

    nemo_outis, Aug 12, 2006
  3. From: "nemo_outis" <>

    | All the following require a modicum of intelligence:
    | RootkitRevealer
    | F-secure BlackLight
    | IceSword (arguably the best but also the geekiest)
    | [English download mirror]
    | Regards,


    gmer --

    Vinzenz Feenstra, ewido anti-spyware developer, Anti-RootKit Beta
    David H. Lipman, Aug 13, 2006
    And remove BlackLight, as it's nothing special over other common non-beta
    free utilities. At its first release it offered a simple but special
    method to detect unlinked process lists, but this is now a standard
    feature of Gmer, DarkSpy, Knlps and VICE.

    Rootkit Revealer might be removed as well, as it's totally buggy. On
    well-hardened machines it doesn't even run (spawns the service process
    and then crashes), and even on kinda normal machines it may run into bad
    errors (e.g. if you linked C:\mnt\floppy to A:\ and no floppy is
    inserted, the 'dir' command in the spawned cmd.exe process will hang
    forever, so the entire file system scan fails completely).
    Yeah, this one is another piece of junk. Without any question it tries
    to remove a simple hidden process, fails, reboots, tries again, fails,
    crashes, ...


    System Virginity Verifier
    Sebastian Gottschalk, Aug 13, 2006
  5. nemo_outis Guest

    You ask - I deliver!

    Here's a compilation (41 meg) of the following anti-rootkits:

    Windows Anti-Rootkit Apps:

    Rootkit Revealer
    F-Secure BlackLight
    Process Master
    System Virginity Verifier
    Rootkit Hook Analyzer
    LavaSoft ARIES Rootkit Remover

    Windows Rootkit Prevention Apps:

    AntiHook Pro
    Process Guard
    GesWall Personal
    Defense Wall HIPS
    Neoava Guard
    Defense Plus

    Linux/BSD Apps:


    Download it from:

    rar password:

    nemo_outis, Aug 13, 2006
  6. Admins Guest

    I like F-Secure BlackLight; if it finds anything it gives you the option
    of doing a Google search on the item so you can see what it is and exactly
    what it does. It's a lot better than deleting a file you really need; most
    of these rootkit detectors are still giving false positives and are still
    in beta.

    * (No Logs Internet Surfing)
    * Anonymous Secure Offshore SSH-2 Surfing Tunnels
    Admins, Aug 15, 2006
  7. raincoater Guest

    Hello, nemo_outis!
    You wrote:

    Thanks Nemo. Much appreciated.
    raincoater, Sep 9, 2006
