
nice root kit tool


ellis_jay

Dec 6, 2006, 4:51:35 PM
http://www.resplendence.com/hookanalyzer

from:

http://www.spywarewarrior.com/uiuc/soft5.htm#rootkit

I also use Icesword, Blacklight, and Russinovich's (sp?). I may check out
some of the other ones, too. Unfortunately, Bitdefender's only works for
Vista - but it is only beta.

--

Let the unseen day be. Today is more than enough.

___Sador the carpenter to Turin
Tolkien, The Unfinished Tales

Ellis_Jay

Art

Dec 7, 2006, 9:21:30 AM
On Wed, 6 Dec 2006 15:51:35 -0600, "ellis_jay"
<elli...@firstbase.coma> wrote:

>http://www.resplendence.com/hookanalyzer
>
>from:
>
>http://www.spywarewarrior.com/uiuc/soft5.htm#rootkit
>
>I also use Icesword, Blacklight, and Russinovich's (sp?). I may check out
>some of the other ones, too. Unfortunately, Bitdefender's only works for
>Vista - but it is only beta.

I agree that hookanalyzer is a "nice" tool. I had some fun yesterday
tracking down a few .SYS drivers it revealed which I hadn't either
noticed before or paid any attention to. It was educational to see
how some previously installed software leaves old drivers with
their hooks in place, in spite of my use of registry cleaners. In one
case, searching the file name on the internet didn't turn up
anything, but the software vendor's name led me to what
must have been the old uninstalled software source of the
driver. In most cases though, you can search the file name
and find sufficient info to satisfy yourself that the driver is
probably legit. Furthermore, you can upload the file for scanning
by many av products.

So I found uses for the utility which go beyond just a search for
root kits. It's a "keeper".

Art
http://home.epix.net/~artnpeg
