ICESword : Cool Tool to Break the ICE - www.SecurityXploded.com
ICESword - Multi Purpose Anti-Rootkit Tool
ICESword is the great rootkit detection tool that not many people
know. It was coded by a Chinese programmer with a nickname as PJF.
Though it is more powerful than any other rootkit detection tools, it
hasn't got much attention that other tools have received.
ICESword can find the rootkits which even top antirootkit softwares (such as Rootkit
Revealer, BlackLight, Rootkit Detective etc) failed to detect. However
ICESword lack automatic file scanning, registry scanning
feature that other anti-rootkits offer.
ICESword in Action
Main Screen of ICESword
ICESword's Registry Editor showing SAM
Unmatched Features of ICESword
When it comes to detecting variety of hidden stuffs none of the
anti-rootkits can stand near to ICESword. Here are some of the things
that ICESword can show you
Running Process list
Open Port list along with process owning it
Loaded Kernel modules
System startup programs
Layered Service Provider chain list
Browser Helper objects
System service descriptor table entries (SSDT)
If it detects any HIDDEN entry then it is shown in RED color. This makes
it easy to differentiate between normal and hidden entries.
Other important features of ICESword are registry editor and file
browser. Its registry editor is very advanced as you can see all the hidden keys and system keys which are not shown
by Windows registry editor. File browser is another integrated tool which
will allow you to look for hidden files. In addition to this, you can
also use it to copy the locked and system files which cannot be
accessed/copied as long as Windows is running. For example you can copy
SAM file and registry hive files for password cracking while you are on
This tool is meant for advanced users. It can show you the rootkits
on your system, but does not have any medicines for it. You have to do
that on your own using other tools.
Some of the powerful features makes ICESword all in one
tool and sets it apart from the other rootkit detection tools. But for
the author its just the beginning...!