Rootkit Hunter for Windows
If you are running
- Windows NT 4.0 (SP 6a with IE 4.0)
- Windows 2000 (Professional or Server)
- Windows XP (Home or Professional)
- Windows Server 2003 standard edition
- Windows Small Business Server 2003
and are not already using Sophos’ enterprise AV solution then you should definitely add their freerootkit remover to your arsenal of security tools. This is not just for enterprises but for anyone using the above distros.
The popular program Rootkit Hunter is only available for Linux based systems. It has not been ported for Windows systems.
Here are some other Rootkit removal tools for Windows
All of the above will only be useful against user mode rootkits and not kernel mode, firmware or virtual rootkits which are pretty much undetectable. Your only protection, other than switching to Linux for your OS is to keep everything on your system patched and up to date. Install Secunia’s Vulnerability Scanner as that will tell you what needs patching on your system.
If you think you have a rootkit but none of the above works then get BartPE into your toolkit as it will allow you to boot from a clean CD and use a virus scanner to scan your entire system. Rootkits can only hide when they are running and doing it this way they are not running. This is a system repair utility you really should have in your toolkit so go get it.
If you find this information useful or have anything to add - I’d appreciate hearing from you.
Comment from ingemar
Time: 9/3/2006, 3:35 am
thanks a million! sick of these hacking Aholes.
Two Thumbs up!