Rootkit Information and Detection
Rootkit detectors, antirootkit scanners, reviews and general information about rootkits and the products that detect them.
Avira Rootkit Detection Beta
Avira Rootkit Detection Beta supports Windows 2000 Server or Workstation, Windows XP Home and Professional, Windows Server 2003 (all versions), and Windows Vista (32-bit only). Available in English language only. Beta is free but registration is required.
Avira Rootkit Detection Beta supports Windows 2000 Server or Workstation, Windows XP Home and Professional, Windows Server 2003 (all versions), and Windows Vista (32-bit only). Available in English language only. Beta is free but registration is required.
F-Secure Blacklight
F-Secure Blacklight is available free. Provides detection and removal of common rootkits. Commandline version available. Also supports Windows Vista (32-bit only).
F-Secure Blacklight is available free. Provides detection and removal of common rootkits. Commandline version available. Also supports Windows Vista (32-bit only).
IceSword
Available for free, IceSword is one of the lesser known but more capable rootkit detectors available. More suited for advanced users, IceSword identifies user-mode rootkits only (though it will at least list kernel-mode drivers for intrepid users who don't mind a lot of independent research. Works only under Windows XP.
Available for free, IceSword is one of the lesser known but more capable rootkit detectors available. More suited for advanced users, IceSword identifies user-mode rootkits only (though it will at least list kernel-mode drivers for intrepid users who don't mind a lot of independent research. Works only under Windows XP.
McAfee Rootkit Detective v1.1
Free rootkit detection from McAfee. Supports Windows XP SP2 Home and Professional Editions, Windows 2000 SP4, Windows 2000 Server, and Windows 2003 Server SP1.
Free rootkit detection from McAfee. Supports Windows XP SP2 Home and Professional Editions, Windows 2000 SP4, Windows 2000 Server, and Windows 2003 Server SP1.
Panda Anti-Rootkit
Free beta antirootkit scanner from Panda Software, Panda AntiRootkit identifies known and unknown rootkits and gives the option of removing them, including their associated registry entries, processes and files. A commandline version is also available. Supports Windows 2000 and Windows XP SP2 (Home or Pro).
Free beta antirootkit scanner from Panda Software, Panda AntiRootkit identifies known and unknown rootkits and gives the option of removing them, including their associated registry entries, processes and files. A commandline version is also available. Supports Windows 2000 and Windows XP SP2 (Home or Pro).
Rootkit Revealer
Formerly from SysInternals; acquired by Microsoft. Detects some of the more common rootkits. No commandline version.
Formerly from SysInternals; acquired by Microsoft. Detects some of the more common rootkits. No commandline version.
Sophos AntiRootkit
A free rootkit detector from Sophos that runs under Windows NT/2000/XP/2003. Includes both a Windows graphical user interface (GUI) and a commandline version. Supports Windows NT 4.0 (SP 6a with IE 4.0), Windows 2000 (Professional or Server), Windows XP (Home or Professional), Windows Server 2003 SE, and Windows Small Business Server 2003.
A free rootkit detector from Sophos that runs under Windows NT/2000/XP/2003. Includes both a Windows graphical user interface (GUI) and a commandline version. Supports Windows NT 4.0 (SP 6a with IE 4.0), Windows 2000 (Professional or Server), Windows XP (Home or Professional), Windows Server 2003 SE, and Windows Small Business Server 2003.
Trend Micro RootkitBuster
Trend Micro RootkitBuster scans for hidden files, registry entries, processes, drivers and hooked system services. Provides cleaning capability for hidden files and registry entries.
Trend Micro RootkitBuster scans for hidden files, registry entries, processes, drivers and hooked system services. Provides cleaning capability for hidden files and registry entries.