New Rootkit Detector Released

Discussion in 'other anti-trojan software' started by StevieO, Nov 14, 2005.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Guest

    Rootkit V2 Detector BETA1 - FILESYSTEM ENGINE - This is an updated version of the previous Rootkit V0.62 Detector

    From the DL README file


    Author: Andres Tarasco Acuña

    Rkdetector filesystem is an advanced rootkit detector software that includes
    its own NTFS and FAT32 filesystem driver.

    This driver allows rkdetector to perform the following tasks:

    - Filesystem browser
    - Rootkit detector (search for hidden files)
    - ADS (Alternate Data Streams) scanner
    - Wipe Disk (secure file deletion, DoD compliant; erases both file and MFT entries)
    - Data Recovery (recovery of deleted files)
    - Registry browser (Raw registry files browser)
    - Hidden registry key scanner (search for hidden keys/services)

    NOT INCLUDED IN THIS BETA RELEASE:

    - Export results
    - Perform wipe/recovery with FAT32 filesystems.
    - Search filter (search for A/C/D/M file times)
    - IAT analyzer / Patcher.
    - Rootkits Patterns
    - Ports monitor.
    - Malware eliminator.

    There is also available a private rkdetector v2.0 Filesystem Console Edition that also includes:

    - Console release
    - Perform custom security checks.
    - XML/CSV results

    Download here

    http://translate.google.com/transla...&hl=en&ie=UTF-8&oe=UTF-8&prev=/language_tools

    Forum here

    http://216.239.39.104/translate_c?h...ellsec.net/index.php?c=5&prev=/language_tools


    StevieO
     
  2. suv

    suv Guest

  3. This could be a keeper!

    Have been waiting for this for some time.
    Developed by the writer of rkdetector 0.6

    The "mountain range data" file and "tracklog" file are nuisance files and crop up all over the place. They seem not to be anything to be concerned about.

    http://www.rkdetector.com/
     
  4. controler

    controler Guest

  5. controler

    controler Guest

    Not sure why but this is what I get when running this version.

    PG blocked wmiprvse.exe from terminating mshta.exe
     
  6. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,089
    rkdetector v2.0 beta support forum Here.

    -- Tom
     
  7. T772

    T772 Guest

    Hi,

    Why does McAfee still detect this as HKH-Keylog? There is no other info at McAfee on their site about this one - could it be a false positive??

    I think it's OK, but what do you guys think?

    T
     
  8. T772

    T772 Guest

    Updated, was a false positive

    T
     