Monday | 6 September, 2010
CSO
10 essential (and free!) security downloads for Windows
Stay safe from prying eyes and bad guys
Preston Gralla (Computerworld) 29/05/2008 09:42:31

F-Secure BlackLight Rootkit Eliminator

Rootkits are the most nefarious of all malware, giving hackers access to your entire PC without your knowledge. They use special techniques to hide themselves from many antivirus and anti-malware programs, which makes detecting and killing them exceedingly difficult. Because of that, just using antivirus software isn't enough. Instead, you need a specialized rootkit detector and killer.

That's exactly what F-Secure's BlackLight Rootkit Eliminator does. It scans your PC for hidden processes, folders and files, then reports on what it finds. If your PC is clean, it will tell you so. If it finds anything hidden, it tells you that as well and lets you clean it up. Double-click any entry, and you'll get more information about it, such as the file location, a description and company information.

To kill a rootkit you've discovered, you have a choice of renaming or deleting the file using BlackLight's built-in tools. It's a good idea to first rename suspicious files, which gives them a .ren extension and prevents them from executing. Next, do a Google search for the file names to see whether they really are malware. Rootkits often hide legitimate files and processes, such as Explorer.exe, so make sure not to get rid of any legitimate ones. If you confirm that files are malware, then delete them.

Warning: Only very experienced users should attempt to clean their PC with this software, because if you rename or delete valid files, you can cause serious problems. If you're at all unsure about what you're doing, you might want to try a different free anti-rootkit tool called RootAlyzer, from the same folks who bring you Spybot Search & Destroy. It checks your PC for rootkits but doesn't offer tools for deleting them. (Note that RootAlyzer is still in the preview stage.)

NoScript

JavaScript, Java, plug-ins and other code found on Web pages can do serious damage to your PC. They can deliver interactivity and other useful features, but they can also be used to wreak a great deal of havoc. To keep yourself safe on unfamiliar Web sites, you'll want to turn them off, but doing so means that you'll lose some of the nifty features on some of your favorite Web sites.

The answer? A great Firefox extension called NoScript, which not only blocks scripts, plug-ins and various types of code, but also protects against cross-site scripting attacks. It lets you block scripts, plug-ins, and code on a site-by-site basis. You can control it to an exceptional degree, including whether to block scripts on sites on a one-time basis or permanently.

Searching for rootkits with F-Secure BlackLight Rootkit Eliminator.