whats the best rootkit and trojan finder

Offline
Mount it offline, and save time with a custom scan of just the system32 folder with the following:
Dr Web CureIT
SAS
Microsoft Malicious Software Removal Tool
(Hitmanpro if you have the paid version.)
even McAfee Stinger

This'll save time. If they don't detect the rootkit here, then a full scan would have been a waste of time anyway.

While you're scanning, check for hidden partitions, and check the MBR and autoruns (offline registry, win.ini, etc). You can also manually check the usual spots for standard trojans e.g. ProgramData, Program files, Appdata, etc. As long as you've deactivated the method for any trojans to start, then it's not so important to scan and remove them all offline. Manually search and delete any autorun.inf files.

Replace any detected system files with originals from the Windows install media.


Online
Malwarebytes QUICK scan
> Hijackthis / Sysinternals autoruns
HitmanPro quick scan
TDSSKiller
Combofix
then repeat with FULL scans from various tools e.g. Kaspersky AVPTool and leave it to scan.


It's not necessarily the most skilled way, but can be quick & effective to use some of these elements.

 

Has anyone heard about this one http://www.simplysup.com/

 

Yes, I've used this before, and still do from time to time.

Edit: Actually I keep forgetting about this one (Theres so many) until someone here mentions it.
Small download
Fast updates
Quick scans

 

which one do u consider to be most reliable

 

Thats a tough one sense my security setup strategy has been focused on prevention instead of detection and cure. Anytime I scan using any scanner if I get a hit its a FP. I haven't been infected in over five years.

 

Trojan Remover!

 

but Sophos Anti-Rootkit 1.5.4 is pretty old 2009-07-14

 

for me it is hitman pro and combofix

 

A shame that combofix is 32bit only.

 

Not a shame most rootkits are. I don't have (or need) a dedicated rootkit finder anymore.

 

Most but not all.

I don't exactly feel threatened by rootkits on 64bit but if I'm going to do a scan I want to be sure.

 

than hitman pro is the solution

 

howz eset sys inspector against rootkits?

 

never try it

 

Hey J do you see this video from this post? https://www.wilderssecurity.com/showpost.php?p=1902034&postcount=23

TH

 

like it

 

anyone here using eset sys inspector?? and if yes ..is this effective?

 

is it included in the antivirus program or in the security package?thanks

 

Have a look here and or Download: http://kb.eset.com/esetkb/index?pag...earch&viewlocale=en_US&searchid=1310585816477

TH

 

thanks alot

 

Anytime!

TH

 

At rootkits? Not particularly:
Comparitive Analysis of Rootkit Detection Techniques, May 2011:
http://sce.uhcl.edu/yang/research/A Comparitive Analysis of Rootkit Detection Techniques.pdf

Useful that it can detect things like drivers that seem dodgy, e.g. if running out of a temp folder. Clunky interface.

Most of the antirootkits are out of date, last worked on in 2008.

Of the dedicated antirootkits, only RKU found all four rootkits without false positives according to table 7. GMER missed one.

For cleaners (excluding antivirus suites), Malwarebytes and Combofix did the best. Hitmanpro wasn't included in the testing.

 

+ I downloaded that report for further reading later.