Root kit

  • Thread starter Thread starter Tim Walters
  • Start date Start date
T

Tim Walters

I'm trying to follow the Microsoft instructions to check on root kits.
It says to run dir /s /b /ah and save the results.
I assume they mean run this at the Command Prompt. (Using the Run option
doesn't work.) How do I save the results?

Thanks for your help.

Tim
 
From: "Tim Walters" <[email protected]>

| I'm trying to follow the Microsoft instructions to check on root kits.
| It says to run dir /s /b /ah and save the results.
| I assume they mean run this at the Command Prompt. (Using the Run option
| doesn't work.) How do I save the results?
|
| Thanks for your help.
|
| Tim
|

Forget about following Microsoft's advice.

If you are worried about RootKits then use F-Secure BlackLight Beta software
http://www.f-secure.com/blacklight/

Sysinternal RootKit Revealer
http://www.sysinternals.com/Utilities/RootkitRevealer.html

or a new and very good utility, GMER
http://www.gmer.net/


Further discussions on RootKits are best made in a anti virus News Group.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus
 
Thank you for this.

The next stage says: "Boot into a clean CD." It wasn't - and still isn't -
clear what this means. I thought I would be able to boot directly from the
Win2000 CD, but this option doesn't seem to be available. Am I supposed to
do a fresh install onto a blank CD?

Any suggestions?

Thanks,

Tim
 
I'll try out your suggestions later, but I'll follow the Microsoft procedure
for now - assuming I can.

Thank you for your help.

Tim
 
This article may help.

http://support.microsoft.com/kb/281770/

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| Thank you for this.
|
| The next stage says: "Boot into a clean CD." It wasn't - and still isn't -
| clear what this means. I thought I would be able to boot directly from the
| Win2000 CD, but this option doesn't seem to be available. Am I supposed to
| do a fresh install onto a blank CD?
|
| Any suggestions?
|
| Thanks,
|
| Tim
 
From: "Zoned" <[email protected]>

| Try a few programs at http://www.antirootkit.com
|
| If you have a rootkit, one of the programs will tell you.
| If you dont you can get a program to stop them getting on your PC,
|
| regards
|
| Zoned

I just saw the specs on a new variant of the "SpamTool.Mailbot". It has in its strings the
names of;

Rootkitrevealer
BlackLight
Rkdetector

Those who write the Rootkits are now trying to be stealthed to the anti rootkit utilties.
 
Back
Top