Rootkits are program(s)which take fundamental control as Administrator access of a computer system, without authorization by the system’s owners and legitimate managers. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms. Often, they are also Trojans as well, thus fooling users into believing they are safe to run on their systems. Techniques used to accomplish this can include concealing running processes from monitoring programs, or hiding files or system data from the operating system.
The following are a list of free Anti-rootkit security software that is available for Windows
1. Windows Malicious Software Removal Tool
Microsoft Windows Malicious Removal Tool is not a fully blown Rootkit removal tool but checks computers running Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.
Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center
2. Sophos Anti-Rootkit tool
Sophos Anti-Rootkit, finds and removes any rootkit that is hidden on your computer using advanced rootkit detection technology.
Download Sophos Anti-Rootkit tool here
3. Hypersight Rootkit Detection
The world’s first Fourth-Generation rootkit detector. Hypersight Rootkit Detector is a must have tool for anyone sharing their financial detail or conducting transactions over the Internet. Free at the moment but certainly indications that this may go commercial.
For now, try here
4. Radix Antirootkit software
With Radix Anti-Rookit you can detect and remove rootkits that are hiding on your PC mostly going undetected by normal Anti-Virus and Anti-Malware Software.
5. Rootkit Revealer from SysInternals (now Microsoft)
RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys).
6. Rootkit Hook Analyzer
RootKit Hook Analyzer is a security tool which will check if there are any rootkits installed on your computer which hook the kernel system services. Kernel RootKit Hooks are installed modules which intercept the principal system services that all programs and the operating system rely on. If any of these system services are intercepted and modified it means that there is a possibility that the safety of your system is at risk and that spyware, viruses or malware are active.
7. McAfee Rootkit Detective Beta
McAfee Rootkit Detective Beta is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system.
8. Rootkit Buster from TrendMicro
Trend Micro RootkitBuster is a rootkit scanner that scans hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. In addition, RootkitBuster can also clean hidden files and registry entries.
9. Panda Anti-Rootkit software
Panda Anti-Rootkit shows hidden system resources, identifying known and unknown rootkits. It analizes hidden drivers, processes, modules, files, registry entries, SDT modifications, EAT hooks, modification to the IDT, non standard INT2E and SYSENTER, IRP hooks. Unlike other anti-rootkit utilities which merely “reveal” hidden objects, Panda Anti-Rootkit positively identifies known and unknown rootkits and gives the option of removing them, including their associated registry entries, processes and files.
10. Helios Lite
Helios Lite is a rootkit detection product based on some of the components of the Helios rootkit detection technologies. It is an implementation of the idea of Cross View Detection for the detection of persistent and non-persistent rootkits. It successfully detects a large number of user mode and kernel mode rootkits