Spybot Search&Destroy learns to sniff out rootkits

The creators of the Spybot Search&Destroy anti-spyware software, which is free for non-commercial users, have released an update that includes a plugin to search for rootkits. A standalone tool can also be downloaded to sniff out stealthed programs on a user’s system.

The RootAlyzer tool is still under development, but can be downloaded from the Spybot Search&Destroy forum. It checks the registry, the file system and running processes against various system and Win32 API functions to identify any discrepancies which might indicate infection with a rootkit - known as cross referencing. RootAlyzer is also free for personal use.

See also:

• We've got great, new plugins for Spybot and a complete new tool - the RootAlyzer!, announcement from the Spybot Search&Destroy development team
• Forum thread with download for RootAlyzer 0.1.1.13

Advertisement

(mba)