whats the best rootkit and trojan finder

winterlord · #1 January 27th, 2011, 05:21 AM

hi i am looking for a good rootkit finder preferably one that is easy to use but if not thats ok to.

thanks
winter

adam993 · #2 January 27th, 2011, 06:38 AM

Gmer

or Sophos Antirootkit

Kernelwars · #3 January 27th, 2011, 07:21 AM

prevx, hitman pro, dr. web cureit

PJC · #4 January 27th, 2011, 08:45 AM

Rootkits
-GMER, UnHackMe, Teazer Rootkit Razor, and for TDSS (Kaspersky).
-Prevx, HMP, EAM, and Dr.Web CureIt!

Trojans
MBAM, SAS, EAM, Dr.Web CureIt!, HMP etc.

winterlord · #5 February 1st, 2011, 05:18 PM

ok i used gmer and noticed that most of the upper check boxes on right hand side are greyed out. is there a payed version of this or?

Searching_ _ _ · #6 February 1st, 2011, 06:57 PM

Depends on skills, some peeps at this forum don't need to use an ARK to find RK's, they use debuggers to analyze code and are familiar with all of the tricks used by malwares.
Others are Tool Operators, like myself, less skilled relying on the data we are given by the tool to determine our direction.

GMER is so often used that malware authors have designed around it.
When something is active on the system there will sometimes be a lack of information, crashing, or non working features of the tool. It's a clue that something is not right and requires further attention.
At GMER's default settings, after it completes it's preliminary scan, all check boxes on the right should be accessible. If not, then something is wrong.

There are many ARK's available, check out kernelmode.info forum for a very thorough list.

Cutting_Edgetech · #7 February 2nd, 2011, 02:04 AM

For rootkits: GMER, Sophos Antirootkit, MBAM, Prevx, & HMP. I believe GMER is the best though. I've also heard that Combo fix is great, but i've never used it myself and it can be dangerous to use if you don't know what your doing.

Trojans: Avira, Gdata, Kasparsky, HMP, & Hijack This.

cm1971 · #8 February 2nd, 2011, 05:58 AM

Quote:

Originally Posted by Cutting_Edgetech

For rootkits: GMER, Sophos Antirootkit, MBAM, Prevx, & HMP. I believe GMER is the best though. I've also heard that Combo fix is great, but i've never used it myself and it can be dangerous to use if you don't know what your doing.

Trojans: Avira, Gdata, Kasparsky, HMP, & Hijack This.

I second this. If you use Combo Fix be careful as you can mess your PC up if you don't know what you are doing with it.

sweater · #9 February 2nd, 2011, 06:17 AM

Quote:

Originally Posted by Cutting_Edgetech

For rootkits: GMER, Sophos Antirootkit, MBAM, Prevx, & HMP. I believe GMER is the best though. I've also heard that Combo fix is great, but i've never used it myself and it can be dangerous to use if you don't know what your doing.

Trojans: Avira, Gdata, Kasparsky, HMP, & Hijack This.

Are GMER "safe" to use, I mean will it not make any problems in your pc after it disabled and deleted what it finds?

Noob · #10 February 2nd, 2011, 07:33 PM

EAM is a great tool.
As others mentioned: HMP, GMER, Combofix (Although i've never used it, lots of people recommend it)

gerardwil · #11 February 2nd, 2011, 08:37 PM

Trojans: MBAM

sm1 · #12 February 2nd, 2011, 08:47 PM

Trend Micro Rootkit Buster is easier to use. But like any other anti rootkit it is important to analyse the results.

tipo · #13 February 3rd, 2011, 02:02 AM

tizer rootkit razor looks good and doing a great job.

Cutting_Edgetech · #14 February 3rd, 2011, 02:08 AM

Quote:

Originally Posted by sweater

Are GMER "safe" to use, I mean will it not make any problems in your pc after it disabled and deleted what it finds?

I have used GMER to remove rootkits before with no problems. If you mistakenly remove any important system files then you will definitely have serious problems. So if your not sure then always seek guidance from a professional before removing anything.

PJC · #15 February 3rd, 2011, 07:17 AM

Quote:

Originally Posted by tipo

tizer rootkit razor looks good and doing a great job.

Oh, yes!

zip · #16 February 5th, 2011, 01:29 PM

Quote:

Originally Posted by adam993

Gmer

or Sophos Antirootkit

Gmer is built into avast!, Gmer is now owned by avast!.

The developer of Gmer now works for avast!.

IMHO, Gmer is the best rootkit finder.

I like MalwareBytes Antimalware Free for scanning for trojans.

dr pan k · #17 February 7th, 2011, 08:18 AM

this is the complete list of anti-rootkits here

besides gmer concider RKU, comes in free and "microsoft" flavour

MrBrian · #18 February 7th, 2011, 09:26 PM

Anti-rootkit software test #3 from Anti-Malware Test Lab

AssassinKID · #19 July 2nd, 2011, 02:50 AM

I'm a total noob @ rootkit detecting/removing. So what is the easiest rootkit finder to use? thanks

J_L · #20 July 2nd, 2011, 03:02 AM

Hitman Pro or an AV Rescue CD like Dr.Web.

AssassinKID · #21 July 2nd, 2011, 09:25 PM

Quote:

Originally Posted by J_L

Hitman Pro or an AV Rescue CD like Dr.Web.

K, thanks, I've got them both!

031 · #22 July 3rd, 2011, 12:29 AM

Quote:

Originally Posted by AssassinKID

I'm a total noob @ rootkit detecting/removing. So what is the easiest rootkit finder to use? thanks

First try the scanners provided by various antivirus vendors. If that doesn't work then go for complex tools like Gmer. Here are some good scanners:
1. Dr. web cure it

2. Kaspersky AVP tool.

3.Microsoft Safety Scanner

4.Fsecure Easy clean.

good luck.

EboO · #23 July 3rd, 2011, 03:51 AM

Better than Gmer (include in avast and Mbam) you can use Icesword, but it's not designed for vista and 7.

Spooony · #24 July 3rd, 2011, 08:31 PM

Run these in order

Rkill
http://download.bleepingcomputer.com...r/iExplore.exe

SAS
http://www.superantispyware.com/sasportable.php

Malwarebytes
http://www.filehippo.com/download_ma..._anti_malware/
Tdskiller
http://support.kaspersky.com/downloa...tdsskiller.zip
Combofix<-Rename it to Jenip.com
http://www.Combofix.org

AssassinKID · #25 July 4th, 2011, 07:45 AM

Good threads with good suggestions. Thanks all!

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search