Anti-Rootkits

TDSSKiller - Anti-Rootkit

A rootkit is a program or a program kit that hides the presence of malware in the system. 

A rootkit for Windows systems is a program that penetrates the system and intercepts system functions (the Windows API). By intercepting and modifying low-level API functions, it can effectively hide its own presence. It can also hide the presence of particular processes, folders, files and registry keys. Some rootkits install their own drivers and services in the system (these also remain "invisible").

Kaspersky Lab has developed TDSSKiller, a tool for removing rootkits. TDSSKiller will scan your system in only about 15 seconds.

How to disinfect a compromised system
  • Download the TDSSKiller file. Instructions for downloading a file are available on the following pages: For users of Windows 8, For users of Windows 7, For users of Windows Vista.
  • Run the TDSSKiller.exe file on the infected (or possibly infected) computer.
  • Wait until scanning and disinfection are complete. A reboot might be required after the disinfection has been completed.

Malwarebytes Anti-Rootkit (Beta)

Malwarebytes Anti-Rootkit BETA drills down and removes even deeply embedded rootkits.
Malwarebytes Anti-Rootkit BETA is cutting edge technology for detecting and removing the nastiest malicious rootkits.










aswMBR

aswMBR is a rootkit scanner that scans for MBR/VBR/SRV rootkits. It can detect TDL4/3 (Alureon), ZAccess, MBRoot (Sinowal), Whistler, SST, Cidox, Pihar and other malware.

The current version of aswMBR uses "Virtualization Technology" to improve detection of stealth malware. Please note that to use this feature your machine & CPU must support hardware virtualization.


Sophos Anti-Rootkit

Sophos Anti-Rootkit is a free tool that detects and removes rootkits in the system using advanced detection technology. It protects against any rootkit that may already be hidden in the system. Rootkits are programs or encrypted routines hidden on computers and servers that are not detected by the different types of security software (antivirus, antispyware, antimalware, etc.).

The tool is easy and convenient to use, and can be run in two ways: using the GUI (sargui.exe) or using the command-line version (sarcli.exe). You can also select which areas are scanned.