25 Nov
Some viruses, trojans and rootkits are able to hide themselves completely from Windows Task Manager and, believe it or not, even the famous Process Explorer and Process Hacker cannot detect the hidden process. While the virus is active, it can also hide its files so that you cannot locate them using Windows Explorer. I found a tool called IceSword which has a Windows Explorer-like interface but displays hidden processes and resources that Windows Explorer would never show.
Do note that IceSword isn’t a “click-here-to-delete-rootkits” product but a sophisticated discovery tool that can protect against sinister rootkits if used before they infect a machine. What I really like about IceSword is that it is portable, free and can be used in Safe Mode. Normally, tools used to detect hidden processes and files (such as DeepMonitor and many more) require a special driver to be installed and won’t work in Safe Mode, since third-party drivers/services are not loaded in that environment.

Here’s a piece of bad news that might be a turn-off to a lot of people. IceSword is software made in China by a person called PJF. I know even more people would now stay away from Chinese software because of what IObit did, but so far IceSword has a very good reputation. Scanning it on VirusTotal with 41 antivirus engines, only ClamAV detects it as a threat, just because the program is packed/compressed with ASPack.
Anyway, I’m just sharing a tool which I found useful, and if you’re not comfortable using it, then by all means go ahead and use GMER, which is very similar to IceSword. It’s good to have an alternative in case one of them doesn’t work. Here’s a short video demo of IceSword detecting a folder which is completely hidden from Windows Explorer even when Folder Options is set to show hidden files and folders.
34 Responses for "IceSword Displays Processes and Files Hidden from Windows Explorer"
What did IObit do?
Thanks Ray.
So, a “Secret Project” testing security products huh?
Boy, I wish I had a job like yours…
good info ray!
thanks…..
I am guessing Raymond means this
http://malwarebytes.besttechie.net/2009/11/02/iobit-steals-malwarebytes-intellectual-property/
They steal MalwareBytes virusdbs without permissions.
More info on here: http://www.malwarebytes.org/forums/index.php?showtopic=29681
Allegedly, they stole intellectual property from Malwarebytes. Or at least they are supposed to have stolen their detection database and were apparently caught because of a ‘fake’ signature put there for that very purpose by Malwarebytes.
Just search Google with the words iobit and malwarebytes in the search box and you will get 130,000+ hits to peruse at your leisure. The first two when I did it were to a blog about it from each of the companies involved.
it says ‘Initialize failed’ when I start it.
excellent software thanks
Thanks for the info – but what DID IObit do???
I think this is what IObit did : http://news.softpedia.com/news/Malwarebytes-Accuses-IObit-Plays-Dead-126389.shtml
They copied Malwarebytes database.. shame on them..
Hey, thanks for the lowdown on IObit…
Thanks Ray, totally helpful.
What’s the difference between this software and “Process Explorer”, or maybe something like portable “Everest”?!
So it’s still safe to use IObit?
Hey Ray,
there is a similar product from Sysinternals by the name Rootkit Revealer. Here’s the link: http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
regards,
amay raikar
i can’t get the software to work on windows 7 :/
@Amay Raikar: Rootkit Revealer cannot be compared with IceSword. The reason is that Rootkit Revealer has very few features and it’s actually very outdated (last updated 3 years ago).
Oh ya, forgot to mention that IceSword currently only works with XP and Vista. Windows 7 not supported yet.
Thanks for the insight into IObit. Won’t be loading the free copy I got here…ever.
@Raymond: IceSword hasn’t been updated in over 2 years either. When I was using it, it did help me find a few ghost files and processes though.
I stumbled on IceSword two or three years ago when it was still in its 0.** stages of development. It didn’t even have an English Help file then. It looked so primitive, but was already very good at revealing all hidden processes.
I eventually dropped it off, mainly because it took quite some time to browse its crude GUI, and besides I didn’t really encounter any problems with my old, old PC — except those many reformats caused by self-inflicted beatings.
Anyway, IceSword looks like it’s improved a lot, at least cosmetically, and I want to install it permanently in my brand-new (Athlon II X4 620, Windows 7 Pro X64, 6GB RAM) system.
Thanks Raymond, but I will not be downloading this because I refuse to use any application made in China or Russia. These two countries produce more than 50% of malware on the Internet today. I am not saying that IceSword has a rootkit/backdoor built into it, but it is NOT open source so you really have no idea what is running in the background when the application is executed. Call me biased, but it is better to be safe than sorry.
Initialize failed when trying to run on vista ?
I’m trying to run this to remove a bad regkey (rootkit). I know where it is, just can’t delete it, so this post would have helped me out a lot, only I have the same issue as a few people above.
I get a message saying “Initialize failed”
Running on Vista Home Basic with Sp2 and all updates
Try using Gmer instead if IceSword fails to initialize.
Hi Ray,
You said, “I know now even more people would stay away from Chinese software because of what IObit did…”
May I ask what IObit did? I ask because I have been using and recommending SmartDefrag (with enthusiasm) for several months.
Thank you.
CurlySue
Ahh…
I see what it may be.
http://news.softpedia.com/news/Malwarebytes-Accuses-IObit-Plays-Dead-126389.shtml
Hmmm…
Thanks for sharing. this is very cool stuff…
If you want to download from Megaupload without captchas or countdown timers, here is a trick worth trying out. It helps to convert megaupload links into direct download links.
Megaupload Direct Download Link Generator
If you are having a download link from megaupload like
http://www.megaupload.com/?d=GVOMXHQ2
then convert it to
http://www.megaupload.com/mgr_dl.php?d=GVOMXHQ2
That is, just replace “/?” of the original download URL with “/mgr_dl.php?” just after the “.com/”
You can place this direct link in download managers for immediate downloads from megaupload.
No Countdown
No Captchas
Maximum Speed
tq raymond for the best software..:-)
So how was this folder made invisible? The movie quality isn’t too good but I didn’t notice anything special about the folder, like special characters or something…
Not working on W7, it says ‘Initialize failed’ when it starts
Megaupload waiting time is 25 seconds for free registered users 45 seconds for non register users!
If you cannot wait for less than a minute then you are NUTS!!
tards, just use skipscreen.
Thanks Ray
No problem if IObit gets updates from Malwarebytes, because it is important to pass the knowledge to others. I love the Chinese because they are smart enough to manage world technology at the age of 10-13.
Another thing, I can’t wait to get another vendor’s update.
IObit keep on