Root Kits
houseisland
August 4th, 2005, 03:16 PM
Can we start a sticky thread here where information about root kits can be pooled?
So far it seems the only two remedies (in order of preference) are prevention and bare metal recovery.
More later.
TechZ
August 4th, 2005, 03:24 PM
http://en.wikipedia.org/wiki/Rootkit
As always, the wiki knows a good amount :)
I've never dealt with this problem, so I'd like to learn a bit more.
Snowbound67
August 4th, 2005, 09:42 PM
Hey hey,
Here is more info and a utility to "hopefully" detect if a RootKit is present on a system;
RootKit Info and RootKit Revealer (http://www.sysinternals.com/utilities/rootkitrevealer.html)
I've had 2 PCs that had Rootkits on them in the past week and they are not fun to try to fix. I agree, best thing is probably to back up critical data and reinstall the OS... trying to get rid of it is VERY time consuming.
Snow
houseisland
August 5th, 2005, 12:15 AM
Some of the recent ones stop Sysinternals' Rootkit Revealer and Frisk's Blacklight from running.
confus-ed
August 5th, 2005, 05:28 AM
> I've never dealt with this problem, so I'd like to learn a bit more.
You probably have & just 'given up' & flattened the machine in question ;)
A rootkit type infection is really a glorified virus designed to tie itself in with a particular operating system's workings.
It's very hard to know when you are infected this way, as scans from inside Windows are compromised once infected; best advice is periodic scans from some other bootable source.
TechZ
August 5th, 2005, 07:47 AM
> You probably have & just 'given up' & flattened the machine in question ;)
> A rootkit type infection is really a glorified virus designed to tie itself in with a particular operating system's workings.
> It's very hard to know when you are infected this way, as scans from inside Windows are compromised once infected; best advice is periodic scans from some other bootable source.
From what I read on the Wikipedia link, and what you said, I've never come across it :)
Snowbound67
August 12th, 2005, 10:10 AM
Hey all,
Looks like M$ is taking an interest in rootkits, and they seem to have some technology coming to try to detect them. Their research website is here;
Strider GhostBuster Rootkit Detection (http://research.microsoft.com/rootkit/)
Snow
DaveW
September 2nd, 2005, 09:07 PM
> Hey all,
> Looks like M$ is taking an interest in rootkits, and they seem to have some technology coming to try to detect them. Their research website is here;
> Strider GhostBuster Rootkit Detection (http://research.microsoft.com/rootkit/)
> Snow
I am actually surprised they waited so long ;)