Hello All.
W2K Pro.
What's your experience with 'Root Kits' and what tools do you use to test for and eliminate them if you find any.
see about rootkits
Regards Michael.
Printable View
Hello All.
W2K Pro.
What's your experience with 'Root Kits' and what tools do you use to test for and eliminate them if you find any.
see about rootkits
Regards Michael.
I would say aefdisk and redeploy from image.
Ben
Someone posted this up somewhere.. I forget where?
http://searchwindowssecurity.techtar...224912,00.html
The tools listed on the relevant page are wide and varied... Not had to use them as yet but still useful to know.
Do what Ben says i.e. zap the entire OS and start again. It's only worth spending time trying to clean machines where reinstallation would involve a huge amount of manual configuration.
In practice various utilities will happily find/remove rootkits, but they'll be lucky to detect and remove changes someone might have made via that rootkit. Figuring out whether it has happened is not easy... even when you've been cunning enough to do things like routinely capture file integrity data for your system via a boot CD/floppy.