

New Rootkit Revealer available!

Sysinternals yesterday released a new version of Rootkit Revealer after receiving feedback that people using rootkits were starting to add Rootkit Revealer to the 'root process' to continue to avoid detection.

The new version uses a randomly named executable that runs as a service in order to avoid getting hooked by rootkits that can do simple file name matching - an approach that was discussed in one of my previous blog posts:

https://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml

Comments

  • Anonymous
    March 23, 2005

    Who cares about the rootkit revealer? What you need is a rootkit remover. I got infected with the EliteToolbar and the following rootkit remover saved me: http://www.f-secure.com/blacklight/cure.shtml

    HTH
  • Anonymous
    March 23, 2005
    @Stephane

    you need it in case blacklight - which is indeed a well done software - fails...(-;
  • Anonymous
    March 23, 2005
    Hmm. Still susceptible to lots of different kinds of fingerprinting, though. Those seem like the "interesting" problems to solve. But I guess nobody is worried about rootkits/malware being that sophisticated yet.