RootAlyzer is a new security tool from Safer Networking. For those who don’t know, Safer Networking created Spybot Search and Destroy. That program was one of the first free antispyware and antimalware programs, along with Lavasoft Ad-Aware. It set the standard for antispyware applications by having excellent detection and great functionality. However, I haven’t seen a lot of updates from Safer Networking for the past year until now. That is why I am pleased to review the latest version of RootAlyzer.
RootAlyzer is exactly what one has come to expect from Safer Networking: great software. The program comes in a 1 megabyte zip file and is about 2 megabytes in size. No installer is necessary; the program just launches instantly. Upon starting the program, the user is given the option to update the program or just launch. I attempted to update but was alerted that I already had the latest version, as it was released on Nov. 5th. Next, the program immediately performed a quick scan and everything tested out safe. RootAlyzer scans a number of areas for active rootkits. They include files in the Windows folder, files in the system folder, global run entries, winlogon entries, invisible processes (from handles), and invisible processes (from threads). This is a pretty comprehensive scan and appears to be better than most free antivirus programs because it covers more than just ADS and NTFS file streams. Also, the scan completed in only 3 seconds, so it can easily be run on startup or deployed across a network.
If the quick scan doesn’t suit your fancy, then the deep scan should calm any fears about lingering rootkits. The deep scan will display a menu with the available drives to scan. A user can also select where in the registry (HKEY local machine or users) to scan for rootkits. However, the scan has some disadvantages: it cannot be stopped or paused (the only way is to actually close the program), and there is no way to know the status of the scan. During scanning, RootAlyzer used about 20 percent of CPU power (relatively high compared to other free antivirus programs) and about 8 megabytes of memory. The scanner took about 7 minutes to finish and didn’t locate any rootkits on the test system.
RootAlyzer has some other great features. The first is that it is 64-bit and Windows 7 compatible. I have tested a lot of anti-rootkit software and they don’t seem to play nice with 64-bit machines. Also, the program includes a really nice help file. The file explains exactly what rootkits do and where they hide.