Free Anti-rootkit Applications for Windows

Avira scans your computer for the active rootkit applications, not the ones that are inactive in the files. I found the application to be very reliable. It scans the whole registry values, system processes and running applications and watches them in resident (real-time) mode. If it detects any changes, it intervenes immediately and tries to find the reason of the change. If it decides that the change is due to a malicious program, it detects and removes it.

The software is a very powerful program from Avira and is in Virus Removal Tools section. It is also a very fast rootkit detector. You can find the results from the program's logs when it finishes its scan.

Sophos Anti-Rootkit is a powerful anti-rootkit detection and removal application with a strong rootkit signature database. Sophos scans your system for the rootkits and deletes them, thereby protecting you from the malware that can work with administrator rights. Imagine this scenario in a corporate network.

To avoid such a scenario, you have to update Sophos Anti-rootkit regularly with the new rootkit signatures. The program scans your computer's disks, running processes and memory to find traces of rootkits. It also helps you to delete them if it finds one. After the scan process is complete, Sophos will list the items that it finds questionable. Tick the items that it finds and then click the "Clean up the selected items" button to clean them all. Once you restart your computer, you will no longer have them running on your computer.

I thought about removing Sophos from the evaluation and reviews overall, because it was so hard to find the download page for the product and it required a useless registration process to download a free program. Look Sophos, I am a regular user and I do not want to be a member to use your programs. Moreover, for two hours the registration confirmation message did not arrive (checked also the spam folder). If you insist that, I will go for your competitors. I am taking out one point for this reason from my evaluation.

Rootkit Buster comes from one of the gurus in the anti-virus area: TrendMicro. The program is just a zipped executable (exe) file of 1 Megabyte in size. Rootkit Buster starts its scan from the Master Boot Record (MBR) of your hard disk and then carries on with hidden files, hidden registry values, hidden processes and finally hidden drivers.

Rootkit Buster displays its findings in a window and lets you delete them by clicking the "Delete Selected Items" button. When everything is complete, the system displays a log file.

Panda is another anti-rootkit detection and removal tool. Panda runs as a three-step process: First step deeply scans your computer, second steps removes the findings and third step presents a report. When the program starts up, it asks you if you want to enable automatic updates; I strongly recommend you to enable this.

Panda does not leave anything to chance: in its scan, it checks the hidden drivers, the program modules that are running, registry values, non-standard connections such as IRP connections and goes as deep as possible. With this paranoid search, it leaves nothing to do for the rootkit applications.

You can download the product from Download.com.