Rootkit Detection/Removal

topic posted Wed, December 21, 2005 - 7:10 PM by Corey
I'm trying to find some good techniques and tools for detecting and removing rootkits. (Specifically with Windows XP, and yeah, I know that it is probably futile, at present.) I was wondering what has worked for all of you.
posted by:
Corey
California
  • Re: Rootkit Detection/Removal

    Mon, December 18, 2006 - 9:28 PM
    Simply put - know your system.

    I use Sysinternals tools and some from Foundstone.

    I use Carvey's tools as well.

    I know how to use basic IP tools located on each system like netstat, nbtstat, nslookup, etc.

    Know your registry.

    Know what is starting up automatically.

    Know how to use notepad effectively and if you need more firepower get a better notepad.

    Mostly stuff like this in Windows...

    Know netcat...

    Know nmap...

    Get tools of the trade...

    Lots have free variants...
