Free Anti-Rootkit Software
Free rootkit removers – Afraid of the rootkits? You should be. Check your system for rootkits using one or more of the free anti rootkit software below:
RootkitRevealer - RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
GMER – an application that detects and removes rootkits . It scans for: hidden processes, hidden threads, hidden modules, hidden services, hidden files, hidden Alternate Data Streams, hidden registry keys, drivers hooking SSDT, drivers hooking IDT, drivers hooking IRP calls, inline hooks.
Kaspersky Anti-rootkit utility TDSSKiller – malware family Rootkit.Win32.TDSS; bootkits; rootkits. Rootkit.Win32.TDSS, Rootkit.Win32.Stoned.d, Rootkit.Boot.Cidox.a, Rootkit.Boot.SST.a, Rootkit.Boot.Pihar.a,b, Rootkit.Boot.Bootkor.a, Rootkit.Boot.MyBios.b, Rootkit.Win32.TDSS.mbr, Rootkit.Boot.Wistler.a, Rootkit.Win32.ZAccess.aml,c,e,f,g,h,i,j,k, Rootkit.Boot.SST.b, Rootkit.Boot.Fisp.a, Rootkit.Boot.Nimnul.a, Rootkit.Boot.Batan.a, Rootkit.Boot.Lapka.a, Rootkit.Boot.Pihar.b, Rootkit.Boot.Goodkit.a, Rootkit.Boot.Clones.a, Backdoor.Win32.Trup.a,b, Backdoor.Win32.Sinowal.knf,kmy, Backdoor.Win32.Phanta.a,b, Virus.Win32.TDSS.a,b,c,d,e, Virus.Win32.Rloader.a, Virus.Win32.Cmoser.a, Virus.Win32.Zhaba.a,b,c, Trojan-Clicker.Win32.Wistler.a,b,c, Trojan-Dropper.Boot.Niwa.a, Trojan-Ransom.Boot.Mbro.d, e, Trojan-Ransom.Boot.Siob.a.
Avast aswMBR – aswMBR is the rootkit scanner that scans for TDL4/3, MBRoot (Sinowal), Whistler and other rootkits.
IceSword - It isn’t a “click-here-to-delete-rootkits” product but a sophisticated discovery tool that can protect against sinister rootkits if used before they infect a machine.
F-Secure Blacklight - it’s time to find out, whether your computer is infected by invisible rootkits.
Resplendence Software – RootKit Hook Analyzer – RootKit Hook Analyzer is a security tool which will check if there are any rootkits installed on your computer which hook the kernel system services. Kernel RootKit Hooks are installed modules which intercept the principal system services that all programs and the operating system rely on. If any of these system services are intercepted and modified it means that there is a possibility that the safety of your system is at risk and that spyware, viruses or malware are active.
Panda Anti-Rootkit - Panda Anti-Rootkit digs deeper than any other anti-rootkit tool I’ve seen, telling you exactly what it found.
DarkSpy Anti-Rootkit – DarkSpy(Freeware) Anti-Rookit is a powerful tool for rootkit detection. DarkSpy is a multiway-based detection tool . It internally combines many effective detection techniques, including DarkSpy’s own handlers and also methods used by other famous tools.
Trend Micro Rootkit Buster - is a rootkit scanner that offers ability to scan for hidden files, registry entries, processes, drivers and hooked system service. It also includes the cleaning capability for hidden files and registry entries.
Sophos Anti-Rootkit - Enhanced detection and clean-up facilities and Uses standard Windows procedures for install and uninstall.
AVG Anti-Rootkit - is a powerful tool with state-of-the-art technology for detection and removal of rootkits.
SysProt AntiRootkit – Hidden process detection and removal, Hidden drivers detection, SSDT Hooks detection and remvoal, Kernel Inline hooks detection and removal, Sysenter Hook detection, TCP/UDP Ports Info, File System browser, Hidden Services Registry keys detection and removal.
McAfee Rootkit Detective - a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system.
BitDefender RootkitUncover - Scan files and processes for rootkits and safely remove them.
Radix – Detects and removes Rootkits using sophisticated methodologies. Detects and repairs drivers that have been modified by Rootkits. Detects and repairs computer processes modified by Rootkits. Detects and reveals hidden processes and files, including Alternate Data Streams (ADS). Allows the removal of “locked” or “unremovable” processes and files. Provides to dump memory areas from processes. Shows the Global Descriptor Table (GDT) for advanced Rootkit Detection capabilities. Shows the Import Address Table (IAT) for advanced Rootkit Detection capabilities. Shows the Interrupt Descriptor Table (IDT) for advanced Rootkit Detection capabilities. Shows hidden Registry Keys. Operates in both command line mode for power users, or as a graphical tool for regular users.
System Virginity Verifier – The idea behind SVV is to check important Windows System components, which are usually altered by various stealth malware, in order to ensure system integrity and to discovery potential system compromise.
Hypersight Rootkit Detector – Hypersight Rootkit Detector is a brand-new product designed to detect malicious activities in the operating system kernel It is a virtual machine monitor. Hypersight Rootkit Detector kernel runs as a hypervisor when the computer starts. The kernel controls critical operations and is completely transparent to the operating system and all software.
Helios – designed to detect, remove and innoculate against modern rootkits. What makes it different from conventional antivirus / antispyware products is that it does not rely on a database of known signatures. We believe that malware, by definition, has to perform malicious actions on your system. By observing which software performs malicious behaviour, you can better detect malware. Thus Helios uses a ‘behavioural’ analysis engine as opposed to signatures. The upside to this is that we can catch malware that is ‘unknown’ in the wild, or for which signature based products do not have a signature definition.
RKDetector – Security Analyzer & Rootkit Removal Runtime Forensic Analysis
RootRepeal – Currently, RootRepeal includes Driver Scan, Files Scan, Processes Scan, SSDT Scan, Stealth Objects Scan, Hidden Services Scan and Shadow SSDT Scan.
SpyDLLRemover – standalone tool to effectively detect and delete spywares from the system. It comes with advanced spyware scanner which quickly discovers hidden Rootkit processes as well suspcious/injected DLLs within all running processes. It not only performs sophisticated auto analysis on process DLLs but also displays them with various threatlevels, which greatly helps in quick identification of malicious DLLs.
Resplendence Software – SanityCheck, Advanced Rootkit and Malware Detector – makes use of a special Windows feature (a GlobalFlag setting) which allows it to create a deep inventory of drivers, devices, processes, threads and a lot of other information about your system. By making use of this feature in combination with other techniques it is able to create a very thorough scan of irregularities on your system.
Rootkit Razor – offers you a different approach to detecting and removing rootkits. Rootkit Razor tracks rootkits through the processes they hide, then exposes and removes them without damaging your system.
CodeWalker – Detect hidden processes, Detect hidden drivers, Detect hidden files (support NTFS only), Detect hooks in both kernel mode and usermode.
Kernel Detective – gives you the ability to : Detect Hidden Processes. Detect Hidden Threads. Detect Hidden DLLs. Detect Hidden Handles. Detect Hidden Driver. Detect Hooked SSDT. Detect Hooked Shadow SSDT. Detect Hooked IDT. Detect Kernel-mode code modifications and hooks. Disassemble (Read/Write) Kernel-mode/User-mode memory.
NoVirusThanks Anti-Rootkit – NoVirusThanks Anti-Rootkit is a sophisticated low-level system analysis tool whose main goal is to detect the presence of malware and rootkits. Hidden processes, hidden drivers, stealth DLL modules, code hooks etc. are just a few of the objects which can be detected in user space and system memory.
Windows Malicious Software Removal Tool – This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
More software downloads
- Browser Security
- Startup Manager
- Drive, File and Privacy Cleaners
- Windows Hardening Tools
- Malware Removal: Stand-alone and Specific Tools
- Advanced System Protectors, Analyzers, Malware Analysis and Control Tools
- Patch and software Auditors
- Privacy, Anonymity and Proxy
- Encryption Tools
- Password Manager
- File Shredders
- Windows and Browser Forensic Tools
- Anti-Malware Rescue CD and DVD
- Website Security Tools and Services
- Security Software Removal Tools
Contact Us to Suggest/Submit a software for this category.