David H. Lipman wrote:
> From: "nemo_outis" <>
>
>
> | All the following require a modicum of intelligence:
> |
> | RootkitRevealer
> | http://www.sysinternals.com/Utilitie...tRevealer.html
> |
> | F-secure BlackLight
> | https://europe.f-secure.com/blacklight/
> |
> | IceSword (arguably the best but also the geekiest)
> | http://tinyurl.com/ckqsn [English download mirror]
> |
> | Regards,
> |
>
> Add...
>
> gmer -- http://www.gmer.net/
And remove BlackList, as it's nothing special over other common non-beta
free utilities. At its first release it offered a simple but special
method to detect unlinked process lists, but this is now a standard
feature of Gmer, DarkSpy, Knlps and VICE.
Rootkit Revealer might be removed as well, as it's totally buggy. On
well-hardened machines it doesn't even run (spawns the service process
and then crashes) and even on kinda normal machines it may run into bad
errors (f.e. if you linked C:\mnt\floppy to A:\ and no floppy is
inserted, the 'dir' command in the spawned cmd.exe process will hang
forever, so the entire file system scan fails completely).
> Vinzenz Feenstra, ewido anti-spyware developer, Anti-RootKit Beta
> http://blog.evilissimo.net/2006/08/0...-rootkit-beta/
Yeah, this one is another piece of junk. Without any question it tries
to remove a simple hidden process, fails, reboots, tries again, fails,
crashes, ...
Add...
DarkSpy
RkDetector2
VICE
System Virginity Verifier