Three new rootkit detectors

Rootkits are continuing to evolve, but thankfully so are rootkit detectors. There are three new kids on the block. The first, RootkitUncover, is from security company SoftWin, makers of the well-known BitDefender anti-virus program. It’s only available from the vendor’s site [1] to beta testers, but subscriber Jim Powell has provided a download link from MajorGeeks [2]. I’ve not had a chance to fully evaluate the product but can say that it’s very fast in operation and looks to be another useful tool for your anti-rootkit arsenal. The same comments apply to GMER [3], another new rootkit detector. More interesting in some ways is a new product out of China called DarkSpy [4]. Like IceSword, it’s not a detector per se, but a set of tools to aid detection. I liked it a lot; it’s like IceSword Mark 2. Indeed, its ability to terminate any process or delete any file is quite extraordinary. This one is strictly for experts, as there is scant documentation and, like all advanced tools, it may create problems on some PCs and trigger possible security warnings.
[1] http://beta.bitdefender.com/login.php
[2] http://www.majorgeeks.com/BitDefender_RootkitUncover_d5157.html
[3] http://www.gmer.net/
[4] http://www.shareup.com/DarkSpy_Anti-Rootkit-download-47615.html

...


All Windows Secrets articles posted on 2006-07-20: