Downloads from Uncle Monster: Freeware anti-rootkit programs.
GMER 1.0.14.14205
GMER is an application that detects and removes rootkits.
It scans for:
# hidden processes
# hidden threads
# hidden modules
# hidden services
# hidden files
# hidden Alternate Data Streams
# hidden registry keys
# drivers hooking SSDT
# drivers hooking IDT
# drivers hooking IRP calls
# inline hooks
GMER also lets you monitor the following system functions:
# process creation
# driver loading
# library loading
# file functions
# registry entries
# TCP/IP connections
GMER runs on Windows NT/W2K/XP/VISTA
==============================
DarkSpy Anti-Rootkit V1.0.2 Test Version(Freeware)
http://www.rootkit.com/newsrea
DarkSpy Introduction:
DarkSpy is a new rootkit detection tool from China.
It was coded by two guys, CardMagic & wowocock, and supports some new features that can make detection more effective.
DarkSpy consists of five parts:
1. Process:
Detect hidden processes (even those hidden with FUTo…)
Force-kill processes (even IceSword)
2. Kernel Module:
Detect hidden kernel modules (even those hidden with FUTo…)
3. File:
Detect hidden files
Force copy file
Force delete file
4. Registry function is not provided in the test version.
5. Port:
Detect hidden ports
(Notice: DarkSpy doesn’t allow any kernel debugger to run!)
Environment supported by test version:
32-bit Windows 2000 (SP4 and later)
32-bit Windows XP
32-bit Windows 2003
Single CPU without hyperthreading
==============================
Rootkit Buster v2.2.1014
http://www.trendmicro.com
Trend Micro RootkitBuster is a rootkit scanner that scans for hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. In addition, RootkitBuster can also clean hidden files and registry entries. For more information, please view the readme.
==============================
McAfee Rootkit Detective Beta v1.0
http://vil.nai.com/vil/stinger
McAfee Rootkit Detective Beta is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system. McAfee Rootkit Detective should only be used by knowledgeable individuals at the direction of, and with the support of, a representative from McAfee Avert Labs or McAfee Technical Support. Improper usage of this tool could result in damage to your applications or operating system.
Download it
The Rootkit Detective Beta can be downloaded here.
Features
The following features of this program are designed to proactively detect and clean rootkits from the system. This program is not dependent on any signatures and can proactively detect most of the existing and upcoming rootkits and allow the user to clean them.
* Designed to proactively detect system objects such as processes, files and registry entries that are hidden from the user.
* Provides information about all running processes in the system.
* Provides information about various system hooks such as SSDT (System Service Descriptor Table) hooks and user/kernel IAT/EAT (Import/Export Address Table) hooks.
* Allows the user to clean/remove the malicious objects from the system by renaming/deleting the hidden files/registry entries.
* Allows the user to terminate the malicious processes.
* Users can submit samples using the submission feature present in the tool.
* Users can also collect the samples manually after renaming them and submit them to stinger@avertlabs.com for further analysis.
The Rootkit Detective log file contains details of the hidden files. Once renamed, the files will have a .REN extension after reboot. You can search for these files on the system and submit them, with your comments, to stinger@avertlabs.com for further analysis. Zip the files, password-protect the archive with “infected”, and mention “Rootkit Detective” in the subject line when you send the mail.
Supported Operating Systems
* Windows XP Home Edition with SP2
* Windows XP Professional Edition with SP2
* Windows 2000 with SP4
* Windows 2000 Server
* Windows 2003 Server SP
