Rootkit detection and protection products and sites

Old 01-12-2009
The term "rootkit" is a difficult one to define, or at least fix a definition on.  Originally it referred to a script, set of scripts, or package of modified system programs (thus "kit") used for gaining or keeping unauthorized root permissions (or equivalent supervisory powers) on a compromised system. Recently, media usage has expanded this definition to include any software that can hide software or processes on a system, but this usage is vague and likely to lead to confusion.

Antirootkit.com doesn't have an awful lot of information on the site, but it does have a list of rootkit detection software.  There are brief descriptions of the products.  Be careful of the download links: they can be misleading in terms of what you are actually getting.

Sophos has always been a solid antivirus company, so there is no reason to think that their anti-rootkit product is any less.

GMER is a Polish anti-rootkit program (Windows only) available for free download.

McAfee Rootkit Detective (originally from Avert) is available for download, but the McAfee site makes sure you know it is a beta product, and requires knowledgeable application and use.

Panda tends to oversell their products, but their anti-rootkit is also available for download.

As usual with most Trend Micro products, RootkitBuster sounds fairly aggressive.

F-Secure's BlackLight Rootkit Elimination Technology is well-regarded in the anti-malware research community.  It is available in their complete product, but can also be downloaded separately as a utility.  F-Secure also provides a little bit of rootkit explanation.
