Monthly Archives: April 2011

Anti-Rootkit scanner tools

Here are some well known anti-rootkit scanners that are a must have in your tools collection. Its always good to have a couple of anti-rootkit scanners as you might find some scanners may not detect all rootkits. The download links are for those versions mentioned in the table at the time of this post so for future versions I recommend you visit the sites to make sure you obtain the latest version.

Anti-Rootkit Scanner Version Signed D
Sysinternals RootkitRevealer 1.71 01st November 2006
McAfee Rootkit Detective 1.1 19th October 2007
F-Secure BlackLight 2.2.1092.0 30th September 2008
Sophos Anti-Rootkit 1.5.4 26th May 2010
Trend Micro RootkitBuster 3.60.0.1016 07th December 2010

My favourite one is Trend Micro’s RootkitBuster, not just for its performance and design but also because Trend Micro has done a good job in keeping its tool up-to-date with new detection features.