goldstar_veera
21-09-07, 01:14 PM
Rootkits & Removers

A rootkit, like a cloak of invisibility, is a program that surreptitiously allows an attacker to gain administrator-level access to a computer or network. Installing itself silently, it stays concealed by hiding processes, files, network traffic and other observable information about itself from the computer user. Rootkits typically hide utilities that make it easy for attackers to return to a compromised system in the future. Rootkits aren't easily detected, and since no single vendor reliably detects all rootkits, it can be beneficial to work with more than one rootkit-detection tool. Fortunately, there are a number of useful no-cost tools available.

· Sophos Anti-Rootkit is a sophisticated free rootkit detection and removal tool for Windows NT, 2000, XP and 2003. Before scanning, it's strongly recommended that the user close down all non-essential applications. A rootkit scan can take several minutes on a desktop computer or significantly longer on a server. The scan searches for hidden files, processes, registry keys and values. When the scan finishes, a pop-up screen appears confirming the status and results of the scan. Click on the suspicious file to display more information about it. The information displayed includes whether the item is recommended for removal. If a suspicious file is recognized, it can be safely removed; if the scanner isn't sure what it is, but considers it suspicious, it can still be removed.

· Panda AntiRootkit, like Sophos, has a GUI and allows for command-line options. Also like Sophos, it identifies known rootkits and suspicious rootkit behaviors indicative of unknown rootkits, and provides the option of removing them along with their associated registry entries, processes and files. Panda AntiRootkit looks for hidden files, registry entries, drivers, processes, execution hooks and does an excellent job of ferreting out possible rootkits, removing dangerous rootkits even when it can't fully identify them. It runs on Windows 2000, XP and 2003.

If one of the rootkit scanners mentioned above doesn't do it for you, you can also run additional rootkit detection and removal tools such as:

· McAfee Rootkit Detective: This is a program designed to detect and clean rootkits and works on XP, 2000 and 2003. However, McAfee strongly recommends its software only be used by knowledgeable individuals with direction from and the support of a representative from McAfee Avert Labs or McAfee Technical Support.

· AVG Anti-Rootkit Free: This tool -- in its free basic-level version -- provides for rootkit detection and removal and works on Windows 2000 and XP.