Guest Zareba
Posted February 21, 2009

I searched but could not find an answer here so I am asking.

Can Rootkit Revealer from Sysinternals be used successfully on Vista SP1?

The day after I joined Facebook last week, my address book was used to send spam in my name to everyone on my contact list. I have scanned with Windows Defender, Avast, Malware Bites, Super Antispyware, Hijack This, and Stinger. Everything says I am clean. I have also removed myself from Facebook as I suspect that the problem originated with something I did or something they did.

The only thing I have not done is searched for a rootkit.

Any help or advice would be appreciated.

....Z (learned to avoid social networks)

Guest Mick Murphy
Posted February 22, 2009

http://forum.sysinternals.com/forum_topics.asp?FID=15
Ask in their forums, for everything you want to know about their product..

--
Mad Mike

"Zareba" wrote:
> I searched but could not find an answer here so I am asking.
>
> Can Rootkit Revealer from Sysinternals be used successfully on Vista SP1?
>
> The day after I joined Facebook last week, my address book was used to
> send spam in my name to everyone on my contact list. I have scanned with
> Windows Defender, Avast, Malware Bites, Super Antispyware, Hijack This,
> and Stinger. Everything says I am clean. I have also removed myself from
> Facebook as I suspect that the problem originated with something I did or
> something they did.
>
> The only thing I have not done is searched for a rootkit.
>
> Any help or advice would be appreciated.
>
> ...Z (learned to avoid social networks)

Guest Zareba
Posted February 22, 2009

Thanks, I will ask in their forum. I suspect the answer is no, because I did run it unsuccessfully and was simply hoping there had been an update or a tweak that would work.

But I also would like to know if there is any other free rootkit revealer or remover that will run on Vista.

Thanks again

Guest Kayman
Posted February 22, 2009

On Sun, 22 Feb 2009 14:03:01 -0400, Zareba wrote:
> Thanks, I will ask in their forum. I suspect the answer is no, because I did run it unsuccessfully and was simply hoping there had been an update or a tweak that would work.
> But I also would like to know if there is any other free rootkit revealer or remover that will run on Vista.

Anti Rootkit - Panda
http://research.pandasecurity.com/blogs/im...AntiRootkit.zip
http://www.rootkit.com/boardm.php

Avira AntiRootkit Tool
http://www.free-av.com/en/tools/4/avira_an...otkit_tool.html
http://www.free-av.com/en/products/index.html
Avira Support Forum
http://forum.avira.com/wbb/index.php?langid=1

Anti-Rootkit Software - Detection, Removal & Protection
http://www.antirootkit.com/software/index.htm

ComboFix - A guide and tutorial on using
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
http://www.thespykiller.co.uk/index.php?board=3.0
(ComboFix should not be used without guided assistance.)

DarkSpy
http://www.antirootkit.com/software/DarkSpy.htm
http://www.antirootkit.com/forums/viewforum.php?f=18

F-Secure BlackLight (Download Trial)
http://www.f-secure.com/blacklight/
http://www.antirootkit.com/forums/viewforum.php?f=13

GMER - is an application that detects and removes rootkits.
http://www.gmer.net/index.php
http://antirootkit.com/forums/index.php?si...781ffe4361c3a17

IceSword
http://www.antirootkit.com/software/IceSword.htm
http://www.antirootkit.com/forums/index.php

RAIDE
http://www.rootkit.com/project.php?id=33
download: http://www.rootkit.com/vault/petersilberman/RAIDE_BETA_1.zip
http://www.rootkit.com/boardm.php

Rootkit Detective - McAfee
http://download.nai.com/products/mcafee-av...itDetective.zip
http://forums.mcafeehelp.com/

Rootkit Revealer
http://www.microsoft.com/technet/sysintern...itRevealer.mspx
http://forum.sysinternals.com/forum_topics.asp?FID=15

RootKit Hook Analyzer
http://www.softpedia.com/get/Security/Secu...-Analyzer.shtml
http://www.antirootkit.com/forums/viewforum.php?f=17

RootKit Hook Analyzer
http://www.resplendence.com/hookanalyzer
http://www.antirootkit.com/forums/viewforum.php?f=17

RootAlyzer
http://forums.spybot.info/showthread.php?t=24185
http://www.spybotupdates.com/files/rootalyz.zip

Sophos Anti-Rootkit - Free tool for rootkit detection and removal
http://www.sophos.com/products/free-tools/...ti-rootkit.html
Direct link: http://www.sophos.com/support/cleaners/sarsfx.exe
http://www.techsupportforum.com/networking...ti-rootkit.html

System Virginity Verifier
http://www.softpedia.com/get/System/System...-Verifier.shtml
http://www.antirootkit.com/forums/viewforum.php?f=25

System Virginity Verifier
http://www.antirootkit.com/software/System...ty-Verifier.htm
http://www.antirootkit.com/forums/viewforum.php?f=25

VICE
http://www.rootkit.com/project.php?id=20
download: http://www.rootkit.com/vault/fuzen_op/vice.zip
http://www.rootkit.com/boardm.php

"Make sure you always read the current user instructions for your scanning tools to see what special steps you need to take before, during and after the clean-up process. Then, after you've found and cleaned a rootkit, rescan the system once you reboot to double-check that it was fully cleaned and the malware hasn't returned."

Avoiding Rootkit Infection.
"The rules to avoid rootkit infection are for the most part the same as avoiding any malware infection however there are some special considerations: Because rootkits meddle with the operating system itself they require full Administrator rights to install. Hence infection can be avoided by running Windows from an account with lesser privileges" (LUA in XP and UAC in Vista).

AntiHook
http://www.infoprocess.com.au/AntiHook.php

DiamondCS ProcessGuard
http://www.diamondcs.com.au/processguard/
http://www.diamondcs.com.au/processguard/download.php

Educational viewing:
Mark Russinovich - Advanced Malware Cleaning
http://www.microsoft.com/emea/spotlight/se...spx?videoid=359

Educational reading:
Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment
http://www.windowsecurity.com/articles/Hid...nvironment.html

Rootkits: What you should know
http://resources.zdnet.co.uk/articles/0,10...39523773,00.htm

Rootkits For Dummies
http://books.google.com/books?id=MTcep7V6h...tsec=frontcover

Guest Zareba
Posted February 23, 2009

Thank you Kayman, this will keep me busy for a while.

How come I did not get this info when I googled?

Guest Sam Hobbs
Posted February 25, 2009

Maybe because you used Google. It is not the first nor the only search engine but they obviously pay a lot of money to make people think they are. Try the following; I quickly found most of those items; the ones I found are listed in a single web site that is among the first few responses.

http://www.altavista.com/web/results?itag=...kit&kgs=0&kls=1

Note that I converted this message to plain-text format from HTML format. Newsgroups prefer plain-text and when messages are viewed in plain-text format it is essentially impossible for viruses to be effective.

> "Zareba" <zareba@thetimewarp.com> wrote in message
> news:3553F1C9-3BDF-4941-B19E-14761DF2A67B@microsoft.com...
> Thank you Kayman, this will keep me busy for a while.
>
> How come I did not get this info when I googled?

Guest Zareba
Posted February 25, 2009

Note that I converted this message to plain-text format from HTML format. Newsgroups prefer plain-text and when messages are viewed in plain-text format it is essentially impossible for viruses to be effective.
-------------------------------------------------

Sorry about that, Sam. I am used to using rich text in Annexcafe groups and forgot to change to plain text. A little senile dementia, I suppose.

I have been going to the sites that Kayman provided, but have found only GMER - http://www.gmer.net/index.php http://antiro...781ffe4361c3a17 to be useful. I was able to download and run the GMER program, which showed me to be clean.

Generally I found that either they were not compatible with Vista or consistently timed out or windows can not open this file or still in beta testing and carry a disclaimer. I have not yet explored all of the listed sites.

....Z

Guest FromTheRafters
Posted February 26, 2009

GMER is a good one to trust.

"Zareba" <zareba@thetimewarp.com> wrote in message news:0D419633-D8A8-4399-A7EE-AE9EDDB5DD97@microsoft.com...
> Note that I converted this message to plain-text format from HTML
> format. Newsgroups prefer plain-text and when messages are viewed in
> plain-text format it is essentially impossible for viruses to be effective.
> -------------------------------------------------
>
> Sorry about that, Sam. I am used to using rich text in Annexcafe
> groups and forgot to change to plain text. A little senile dementia, I
> suppose.
>
> I have been going to the sites that Kayman provided, but have found
> only GMER -
> http://www.gmer.net/index.php http://antiro...781ffe4361c3a17
> to be useful. I was able to download and run the GMER program, which
> showed me to be clean.
>
> Generally I found that either they were not compatible with Vista or
> consistently timed out or windows can not open this file or still in
> beta testing and carry a disclaimer. I have not yet explored all of
> the listed sites.
>
> ...Z