List of Anti-Rootkits
PostPosted:Thu Mar 11, 2010 4:01 pm
Follows is a list of antirootkits. I have mirrored some of the hard-to-download ones at this site. If the author of a tool would not like me to mirror their tool, please email or PM me and I will remove the link.
Also, if you know of any more antirootkits, please post or PM me, and I will add them to the list.
Also, if you know of any more antirootkits, please post or PM me, and I will add them to the list.
- ATool - http://www.antiy.net/download/atool.rar (dead link -> use mirror)
- ATool (mirror) - http://www.kernelmode.info/ARKs/atool.rar
- Antivir Antirootkit - http://dl.antivir.de/down/windows/antivir_rootkit.zip
- AntiSpy - http://antispy.googlecode.com/files/AntiSpy1.2.zip & http://www.kernelmode.info/forum/viewto ... =11&t=2438
- Avast! Antirootkit - http://files.avast.com/files/beta/aswar.exe
- Avast! MBR Scanner http://public.avast.com/~gmerek/aswMBR.htm
- AVZ - http://www.z-oleg.com/secur/avz/download.php
- Catchme - http://www2.gmer.net/catchme.exe
- CodeWalker ARK - http://cmcinfosec.com/download/cmcark_cw0.2.4.500.rar
- CodeWalker ARK (mirror) - http://www.kernelmode.info/ARKs/cmcark_cw0.2.4.500.rar
- CsrWalker - http://www.rootkit.com/vault/DiabloNova/cwalker.rar (dead link -> use mirror)
- CsrWalker (mirror) - http://www.kernelmode.info/ARKs/cwalker.rar
- DarkSpy 1.05 - http://www.rootkit.com/vault/cardmagic/ ... x2beta.rar (dead link -> use mirror)
- DarkSpy 1.05 (mirror) - http://www.kernelmode.info/ARKs/DS105fix2beta.rar
- DeepMonitor - http://orkblutt.free.fr/DeepMonitor.exe
- Deep System Explorer (dead link) - http://diamondcs.com.au/downloads/dsesetup.exe
- Deep System Explorer (mirror) - http://www.kernelmode.info/ARKs/dsesetup.exe
- Dr. Web DwShark (mirror) - http://www.kernelmode.info/ARKs/DwShark.rar
- Dr. Web DwShark (newer version) (mirror) - http://www.kernelmode.info/ARKs/DrwShark.7z
- Esage Bootkit Remover http://www.esagelab.com/files/bootkit_remover.rar
- Esage Bootkit Remover (mirror) http://www.kernelmode.info/ARKs/bootkit_remover.zip
- ESET SysInspector http://www.eset.eu/en/eset-sysinspector
- F-Secure Blacklight - ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe
- Filter Monitor - http://ntcore.com/files/FilterMon.zip
- FindDll 2 (by Eric_71) - http://eric71.geekstogo.com/beta/FindDll2.exe
- FLISTER - http://www.invisiblethings.org/tools/flister.zip (dead link -> use mirror)
- FLISTER (mirror) - http://www.kernelmode.info/ARKs/flister.zip
- G Data Rootkit Scanner - http://www.kernelmode.info/forum/viewto ... =11&t=3342
- GMER - http://www2.gmer.net/gmer.zip
- Helios - http://helios.miel-labs.com/downloads/Helios.zip
- Helios Lite - http://helios.miel-labs.com/downloads/Helios-Lite.zip
- HiddenFinder - http://www.wenpoint.com/download/HiddenFinder_setup.exe
- Hook Analyzer - http://www.resplendence.com/download/hookanlz302.exe
- HookShark (dead link) - http://home.arcor.de/neotracer/HookShark.rar
- HookShark (mirror) - http://www.kernelmode.info/ARKs/HookShark.rar
- IceSword 1.22 (english) - http://mail.ustc.edu.cn/~jfpan/download ... d122en.zip
- IceSword 1.22 (english) (mirror) - http://www.kernelmode.info/ARKs/IceSword122en.zip
- Kaspersky TDSSKiller http://support.kaspersky.com/downloads/ ... killer.zip
- Kernel Detective v1.3.1 - http://www.at4re.com/files/Tools/Releas ... v1.3.1.zip
- Kernel Detective v1.3.1 (mirror) - http://www.kernelmode.info/ARKs/Kernel_ ... v1.3.1.zip
- kX-Ray 1.0.0.102 - http://bugczech.fu8.com/bin/kX-Ray_v1.0 ... 2_beta.zip (dead link -> use mirror)
- kX-Ray 1.0.0.102 (mirror) - http://www.kernelmode.info/ARKs/kX-Ray_ ... 2_beta.zip
- Mandiant Memoryze - http://fred.mandiant.com/MemoryzeSetup.msi
- McAfee Rootkit Detective - http://download.nai.com/products/mcafee ... ective.zip
- modGREPER - http://invisiblethings.org/tools/modGRE ... .3-bin.zip (dead link -> use mirror)
- modGREPER (mirror) - http://www.kernelmode.info/ARKs/modGREPER-0.3-bin.zip
- NIAP Rootkit Detect Tools - http://www.rootkit.com/vault/uty/NIAPAn ... tTools.rar (dead link -> use mirror)
- NIAP Rootkit Detect Tools (mirror) - http://www.kernelmode.info/ARKs/NIAPAnt ... tTools.rar
- Norton Power Eraser http://liveupdate.symantec.com/upgrade/NPE/1033/NPE.exe
- Oshi Unhooker http://www.oshiunhooker.com/download.php
- Panda Antirootkit - http://research.pandasecurity.com/blogs ... ootkit.zip
- Process Hunter - http://www.wasm.ru/baixado.php?mode=tool&id=359
- Process Walker - http://www.rootkit.com/vault/DiabloNova ... Walker.rar (dead link -> use mirror)
- Process Walker (mirror) - http://www.kernelmode.info/ARKs/ProcessWalker.rar
- Radix - http://www.usec.at/downloads3/radix_installer.zip
- RegReveal - http://www.geocities.jp/kiskzo/regreveal_v10beta3.zip
- RootkitDetector - http://www.tarasco.org/security/Rootkit ... tector.zip
- Rootkit Unhooker 3.8 SR2 - http://www.kernelmode.info/ARKs/RkU3.8.389.593.rar
- Rootkit Revealer - http://download.sysinternals.com/Files/ ... vealer.zip
- RootQuest (dead link) - http://comsentry.com/files/RootQuest_v1.exe
- RootQuest (mirror) - http://www.kernelmode.info/ARKs/RootQuest_v1.rar
- RootRepeal - http://rootrepeal.googlepages.com/RootRepeal.rar
- Safe'n'Sec Personal Pro + Rootkit Detector - http://www.safensoft.com/sns/snsrd_eng.exe (dead link -> use mirror)
- Safe'n'Sec Personal Pro + Rootkit Detector (mirror) - http://www.kernelmode.info/ARKs/snsrd_eng.exe
- SafetyCheck 1.7 - http://yyuyao.googlepages.com/SafetyCheck1.7Beta.rar
- SanityCheck - http://www.resplendence.com/download/sanitySetup.exe
- Sophos Antirootkit - http://www.sophos.com/products/free-too ... /download/
- Stealth MBR Rootkit Detector - http://www2.gmer.net/mbr/mbr.exe
- SysProt Antirootkit - http://sites.google.com/site/sysprotant ... ects=0&d=1
- SysReveal - http://www.sysreveal.com/download/SysReveal.zip
- TDSS Remover - http://www.esagelab.com/files/tdss_remover_latest.rar
- Tizer Rootkit Razor - http://www.tizersecure.com/freedownload ... 0Setup.msi (dead link -> use mirror)
- Tizer Rootkit Razor (mirror) - http://www.kernelmode.info/ARKs/Tizer%2 ... 0Setup.msi
- TrendMicro RootkitBuster - http://www.trendmicro.com/ftp/products/ ... 0.1016.zip
- Tuluka Kernel Inspector - http://tuluka.org/tlk/Tuluka_v1.0.394.77.zip
- Tukula Kernel Inspector (mirror) - http://www.kernelmode.info/ARKs/Tuluka_v1.0.394.77.zip
- VBA32 Antirootkit - ftp://anti-virus.by/pub/vba32arkit.zip
- XueTr - http://xuetr.com/download/XueTr.zip
- XueTr CLI - http://www.xuetr.com/download/XueTr_Cmd.zip
- YasKit 1.223 - http://qzdx.kafan.cn/down1//AntiSpyWare ... t1.223.rar (dead link -> use mirror)
- YasKit 1.223 (mirror) - http://www.kernelmode.info/ARKs/YasKit1.223.rar
- Avast! Antirootkit - http://files.avast.com/files/beta/aswar.exe
- Avast! MBR Scanner - http://public.avast.com/~gmerek/aswMBR.htm
- ESET SysInspector - http://www.eset.eu/en/eset-sysinspector
- GMER (link same as above)
- SanityCheck (link same as above)
- Sophos - http://www.sophos.com/en-us/products/fr ... otkit.aspx
- TrueX64 (mirror) - http://www.kernelmode.info/ARKs/TrueX64.rar
- Win64AST - http://www.kernelmode.info/forum/viewto ... =11&t=1691
- Windows Kernel Explorer - viewtopic.php?f=11&t=5316
- PC Hunter - http://www.xuetr.com/