Detailed list of anti-rootkit detection and removal software showing: Name, Publisher, OS, Cost/Rating, and Version. Also lists “Rootkit Prevention Software”.
GMER
gmer.netPrice: Free
Platform: Windows
Last Modified: April 4, 2013
Gmer detects rootkits. It scans for:
- hidden processes
- hidden files
- hidden services
- hidden registry keys
- hidden drivers
- drivers hooking SSDT (System Service Descriptor Table)
- drivers hooking IDT (Interrupt Descriptor Table)
- drivers hooking IRP (IO Request Packet) calls
You can see some scanning output samples on their website.
Kaspersky TDSSKiller
kaspersky.comPrice: Free
Platform: Windows
A rootkit for Windows systems is a program that penetrates into the system and intercepts the system
functions (Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions.
- The utility supports 32-bit and 64-bit operation systems.
- The utility can be run in Normal Mode and Safe Mode.
- It detects and removes the following malware: malware family Rootkit.Win32.TDSS; bootkits; rootkits.
RootkitBuster
trendmicro.comPrice: Free
Platform: Windows
“Trend Micro RootkitBuster scans hidden files, registry entries, processes, drivers, services, ports, and the master boot record (MBR) to identify and remove rootkits.”
RootkitRevealer v1.71
microsoft.comPrice: Free
Platform: Windows
Last Modified: November 13, 2012
(note: RootkitRevealer is not intended to detect memory-based rootkits like Fu that don’t attempt to hide their files or registry keys).
If you use it to identify the presence of a rootkit please let us know!”
Sophos Anti-Rootkit
sophos.comPrice: Free
Platform: Windows
“Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care. Our free software, Sophos Anti-Rootkit, finds and removes any rootkit that is hidden on your computer. “