Slashdot Mirror


SysInternals Releases RootkitRevealer

Brian writes "In the wake of news that Microsoft is developing prototype software to detect rootkits, SysInternals has released a free rootkit detection tool named RootkitRevealer for all Windows systems NT4+. RootkitRevealer works by "comparing the results of a system scan at the highest level with that at the lowest level," and detects every known rootkit at rootkit.com. They also report that it is impossible to know for sure that a given system is clean from within it, but that defeating their tool would require a level of sophistication not yet seen. You can download RootkitRevealer."

14 of 260 comments

  1. Strange... by bigtallmofo · · Score: 5, Funny

    Every time I try to go to www.sysinternals.com to find the new Rootkit removal application, my system shuts down automatically.

    Probably nothing to worry about.

    --
    I'm a big tall mofo.
    1. Re:Strange... by Anonymous Coward · · Score: 5, Funny

      Yeah, should probably just turn off that buffer overrun protection, don't know what it's good for anyways. Also you should set your administrative password to blank and share out your entire C drive with Everyone granted full control, just to make things easier.

  2. Bloated Software Giant Ahead of the Curve Again by Anonymous Coward · · Score: 5, Funny

    Wow. Pop-up blocking, rootkit detection, basic network security... isn't it amazing how an enormous patent library and billions of dollars encourages so much innovation? It's like they're ten years ahead of everyone else.

    Wait... no, the other way around...

    Free Sony PSPs. It's real. It's here.

  3. Rootkit? by Fls'Zen · · Score: 5, Funny

    I didn't think people needed rootkits for windows...

    1. Re:Rootkit? by Geek of Tech · · Score: 3, Funny

      Wouldn't the appearance that the computer hasn't been compromised lead one to become suspicious?

      :P

      --
      Stop the Slashdot effect! Don't read the articles!
    2. Re:Rootkit? by Carnildo · · Score: 2, Funny

      It's getting insane and I favor criminal rather than civil charges if spyware makers began to make trojan horse rootkits.

      Personally, if that occurs, I favor dynamite charges over either of the above.

      --
      "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
  4. So this is... by JustNiz · · Score: 4, Funny

    >> RootkitRevealer works by "comparing the results of a system scan at the highest level with that at the lowest level,

    So this is a rootkit in itself.

    I don't know that I'd trust Microsoft any more than anyone else running rootkits on my system.

  5. Looking forward... by Apiakun · · Score: 5, Funny

    defeating their tool would require a level of sophistication not yet seen

    What, until tomorrow?

  6. LOL by http101 · · Score: 2, Funny

    "RootkitRevealer works by "comparing the results of a system scan at the highest level with that at the lowest level," and detects every known rootkit at rootkit.com."

    So it's kinda like telling my computer to turn its head and cough, right? *squeeze*

    --
    -- Game Developers: Stop porting badly-textured games from crappy console systems!
  7. Netcraft has announced; "God exists" by eatmywake · · Score: 2, Funny

    ...and goes by the alias "SysInternals".

    Forget the Vatican and Mecca, point your browsers to http://www.sysinternals.com and pay homage.

  8. Re:RootKit in windows? by tverbeek · · Score: 4, Funny

    Why are they called rootkits in windows, when the superuser is called "administrator" and not "root"?

    For the same reason trackpads, wireless pointing devices, and such are called "mice", even though they look nothing like a mouse.... why solid state storage devices are called "flash disks" or "flash drives", even though there's nothing flat and circular in them and no moving parts... why the stuff in the middle of pencils is called the "lead", even though it's mostly graphite... why magazines featuring stories told with sequential art are called "comic books", even though they're usually not humorous.

    --
    http://alternatives.rzero.com/
  9. Re:How do you REMOVE a rootkit? by 3.5 stripes · · Score: 3, Funny

    Format c:

    --
    He tried to kill me with a forklift!
  10. Re:RootKit in windows? by ratnerstar · · Score: 2, Funny

    Because "rootkit" sounds cool, like a plumber's tool or some sort of kinky sexual practice.

    --
    Just because you sold your soul to the devil that needn't make you a teetotaler. --The Devil and Daniel Webster
  11. In other news... by eatjello · · Score: 2, Funny

    Microsoft purchases SysInternals this week; new Microsoft rootkit exposer available via Windows Update.