Posted by Blue Event Horizon on August 12, 2006, 5:04 pm
Using Windows XP Media Center Edition 2005 on a computer I've only had
about a month after 6 1/2 years using another computer with Windows ME
so I'm still learning about my OS and rootkits have just really come
to my attention recently. Also now DSL instead of dialup, if that
matters. Kerio 2.1.5 firewall, AVG Free antivirus, currently using
Ad-Aware, Spybot, ewido antispyware products (ewido is new to me).
Are there any programs/tools/whatever suitable for average
(unsophisticated, ignorant or however you care to characterize us)
users to prevent, detect and/or repair rootkit threats and problems?
Preference for freeware and GUI.
BEH
Posted by nemo_outis on August 12, 2006, 6:05 pm
> Using Windows XP Media Center Edition 2005 on a computer I've only had
> about a month after 6 1/2 years using another computer with Windows ME
> so I'm still learning about my OS and rootkits have just really come
> to my attention recently. Also now DSL instead of dialup, if that
> matters. Kerio 2.1.5 firewall, AVG Free antivirus, currently using
> Ad-Aware, Spybot, ewido antispyware products (ewido is new to me).
>
> Are there any programs/tools/whatever suitable for average
> (unsophisticated, ignorant or however you care to characterize us)
> users to prevent, detect and/or repair rootkit threats and problems?
> Preference for freeware and GUI.
>
> BEH
>
All the following require a modicum of intelligence:
RootkitRevealer
http://www.sysinternals.com/Utilities/RootkitRevealer.html
F-secure BlackLight
https://europe.f-secure.com/blacklight/
IceSword (arguably the best but also the geekiest)
http://tinyurl.com/ckqsn [English download mirror]
Regards,
Posted by David H. Lipman on August 12, 2006, 7:52 pm
| All the following require a modicum of intelligence:
|
| RootkitRevealer
| http://www.sysinternals.com/Utilities/RootkitRevealer.html
|
| F-secure BlackLight
| https://europe.f-secure.com/blacklight/
|
| IceSword (arguably the best but also the geekiest)
| http://tinyurl.com/ckqsn [English download mirror]
|
| Regards,
|
Add...
gmer -- http://www.gmer.net/
Vinzenz Feenstra, ewido anti-spyware developer, Anti-RootKit Beta
http://blog.evilissimo.net/2006/08/01/grisoft-avg-anti-rootkit-beta/
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
Posted by Sebastian Gottschalk on August 13, 2006, 12:08 am
David H. Lipman wrote:
>
>
> | All the following require a modicum of intelligence:
> |
> | RootkitRevealer
> | http://www.sysinternals.com/Utilities/RootkitRevealer.html
> |
> | F-secure BlackLight
> | https://europe.f-secure.com/blacklight/
> |
> | IceSword (arguably the best but also the geekiest)
> | http://tinyurl.com/ckqsn [English download mirror]
> |
> | Regards,
> |
>
> Add...
>
> gmer -- http://www.gmer.net/
And remove BlackList, as it's nothing special over other common non-beta
free utilities. At its first release it offered a simple but special
method to detect unlinked process lists, but this is now a standard
feature of Gmer, DarkSpy, Knlps and VICE.
Rootkit Revealer might be removed as well, as it's totally buggy. On
well-hardened machines it doesn't even run (spawns the service process
and then crashes) and even on kinda normal machines it may run into bad
errors (f.e. if you linked C:\mnt\floppy to A:\ and no floppy is
inserted, the 'dir' command in the spawned cmd.exe process will hang
forever, so the entire file system scan fails completely).
> Vinzenz Feenstra, ewido anti-spyware developer, Anti-RootKit Beta
> http://blog.evilissimo.net/2006/08/01/grisoft-avg-anti-rootkit-beta/
Yeah, this one is another piece of junk. Without any question it tries
to remove a simple hidden process, fails, reboots, tries again, fails,
crashes, ...
Add...
DarkSpy
RkDetector2
VICE
System Virginity Verifier
Posted by nemo_outis on August 13, 2006, 11:52 am
You ask - I deliver!
Here's a compilation (41 meg) of the following anti-rootkits:
Windows Anti-Rootkit Apps:
Rootkit Revealer
F-Secure BlackLight
Process Master
HookExplorer
GMER
UnHackMe
IceSword
Darkspy
System Virginity Verifier
Rootkit Hook Analyzer
HiddenFinder
LavaSoft ARIES Rootkit Remover
Windows Rootkit Prevention Apps:
AntiHook Pro
Process Guard
GesWall Personal
Defense Wall HIPS
SocketShield
Neoava Guard
Defense Plus
Linux/BSD Apps:
CHKRootkit
RkHunter
Zeppoo
Download it from:
http://rapidshare.de/files/29162303/AntiRootkits_AIO.rar
rar password: www.2baksa.net
Regards,