Reply To: UnHackMe / Aug 25 2020
For rootkit tools, folks can look at the free software list at [ https://www.bleepingcomputer.com/download/search/?keyword=root+kit ] for some tools, I’ve used them all, they seem okay, but hey, if we don’t have a rootkit, how would we know?
Free [ Rootkit Revealer ] from SysInternals is 13 years old, and that’s probably the last time I dealt with a rootkit. If I remember, rootkits are blind to remote control, and free tools from SysInternals allowed me to initiate a remote-control session right on the same computer, no network or other computer needed, and then I could dig, find, and eliminate the rootkit while I was in a terminal session, remoting in to myself. Very clever, like removing a nail from a car tire while the car is driving down the road, but computers defy analogies, and it worked rather easily. Now, however, Rootkit Revealer just immediately exits, with Windows saying [ Program has stopped ] error on my current Windows 7 64 Pro, so I do not think it works on currently updated computers.
Also, I recall that Sony BMG themselves were responsible for installing a rootkit via their music CDs in an attempt to prevent people ripping Sony BMG music. It then provided a hidden open door for others to gain root permission access so they appear as authentic parts of the authorized operating system, so anti-malware programs that load later were denied the ability to see and control such invaders. Sony BMG sort of apologized and released workarounds, but people can still play older Sony BMG music CDs today and still get infected by the rootkit. It’s not like they collected all the music CDs and shredded them and issued free replacements; they are still out there in aging CD collections that folks might be recycling and new folks trying to even just play their parent’s old funny shiny disky thingies ( hey, folks, what’s this stack of AOL plastic thingies with shiny metal sliders on ’em for? ).
Our fellow contributors at [ https://en.wikipedia.org/wiki/Rootkit ] suggest alternative programs for detecting ( and eliminating ? repairing after ? ) rootkits:
– Microsoft Sysinternals RootkitRevealer ( for XP )
– Avast Antivirus
– Sophos Anti-Rootkit
– F-Secure
– Radix
– GMER
– WindowsSCOPE
– Microsoft’s monthly Windows Malicious Software Removal Tool is able to detect and remove some classes of rootkits
– Windows Defender Offline can remove rootkits
– UEFI Unified Extensible Firmware Interface is designed to address the threat of rootkits
– TXT Intel Trusted Execution Technology verifying that servers remain in a known good state
– Microsoft Bitlocker’s encryption of data-at-rest verifies that servers are in a known “good state” on bootup
– PrivateCore vCage secures data-in-use ( memory ) in concert with Intel TXT
Some resources refer to bootkits and rootkits, a distinction without much of an essential difference in what we have to do to find, kill, and repair after them.
Does anyone want to add Greatis UnHackMe to that Wikipedia page?