New Rootkit Detector Released

Discussion in 'other anti-trojan software' started by StevieO, Nov 14, 2005.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Guest

    Rootkit V2 Detector BETA1 - FILESYSTEM ENGINE - This is an updated version of the previous Rootkit V0.62 Detector

    From the DL README file

    Author: Andres Tarasco Acuña

    Rkdetector filesystem is an advanced rootkit detector software that includes
    its own ntfs and FAT32 filesystem Driver.

    This drivers allows rkdetector to perform the following tasks:

    - Filesystem browser
    - Rootkit detector (search for hidden files)
    - ADS (alternate Data Streams) Scanner
    - Wipe Disk (secure file deletion Dod Compliant Erase both file and mft entries)
    - Data Recovery (recovery of deleted files)
    - Registry browser (Raw registry files browser)
    - Hidden registry key scanner (search for hidden keys/services)


    - Export results
    - Perform wipe /recovery with FAT32 filesystems.
    - Search filter ( search for A/C/D/M file times)
    - IAT analyzer / Patcher.
    - Rootkits Patterns
    - Ports monitor.
    - Malware eliminator.

    There is also available a private rkdetector v2.0 Filesystem console Edition edition that also includes:

    - Console release
    - perform Custom security checks.
    - Xml /CSV results

    Download here

    Forum here

  2. suv

    suv Guest

  3. This could be a keeper!

    Have been waiting for this for some time.
    Developed by the writer of rkdetector 0.6

    The 'mountain range data" file and "tracklog" file are nuisance files and crop up all over the place. seem not to be anything to be concerned about.
  4. controler

    controler Guest

  5. controler

    controler Guest

    Not sure why but this is what I get when running this version.

    PG blocked wmiprvse.exe from terminating mshta.exe
  6. lotuseclat79

    lotuseclat79 Registered Member

    Jun 16, 2005
    rkdetector v2.0 beta support forum Here.

    -- Tom
  7. T772

    T772 Guest


    Why doea Mcafee still detect this as HKH-Keylog? There is no other info at McAfee on there site about this one - could it be a false postive??

    I think its ok , but what do you guys think

  8. T772

    T772 Guest

    Updated, was a false postive

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.