Slashdot Mirror


SysInternals Releases RootkitRevealer

Brian writes "In the wake of news that Microsoft is developing prototype software to detect rootkits, SysInternals has released a free rootkit detection tool named RootkitRevealer for all Windows systems NT4+. RootkitRevealer works by "comparing the results of a system scan at the highest level with that at the lowest level," and detects every known rootkit at rootkit.com. They also report that it is impossible to know for sure that a given system is clean from within it, but that defeating their tool would require a level of sophistication not yet seen. You can download RootkitRevealer."

9 of 260 comments

  1. Strange... by bigtallmofo · · Score: 5, Funny

    Every time I try to go to www.sysinternals.com to find the new Rootkit removal application, my system shuts down automatically.

    Probably nothing to worry about.

    --
    I'm a big tall mofo.
    1. Re:Strange... by Anonymous Coward · · Score: 5, Funny

      Yeah, should probably just turn off that buffer overrun protection, don't know what it's good for anyways. Also you should set your administrative password to blank and share out your entire C drive with Everyone granted full control, just to make things easier.

  2. Bloated Software Giant Ahead of the Curve Again by Anonymous Coward · · Score: 5, Funny

    Wow. Pop-up blocking, rootkit detection, basic network security... isn't it amazing how an enormous patent library and billions of dollars encourage so much innovation? It's like they're ten years ahead of everyone else.

    Wait... no, the other way around...

    Free Sony PSPs. It's real. It's here.

  3. Rootkit? by Fls'Zen · · Score: 5, Funny

    I didn't think people needed rootkits for windows...

    1. Re:Rootkit? by Geek of Tech · · Score: 3, Funny
      Wouldn't the appearance that the computer hasn't been compromised lead one to become suspicious?

      :P

      --
      Stop the Slashdot effect! Don't read the articles!
  4. So this is... by JustNiz · · Score: 4, Funny

    >> RootkitRevealer works by "comparing the results of a system scan at the highest level with that at the lowest level,

    So this is a rootkit in itself.

    I don't know that I'd trust Microsoft any more than anyone else running rootkits on my system.

  5. Looking forward... by Apiakun · · Score: 5, Funny

    defeating their tool would require a level of sophistication not yet seen

    What, until tomorrow?

  6. Re:RootKit in windows? by tverbeek · · Score: 4, Funny
    Why are they called rootkits in windows, when the superuser is called "administrator" and not "root"?

    For the same reason trackpads, wireless pointing devices, and such are called "mice", even though they look nothing like a mouse.... why solid state storage devices are called "flash disks" or "flash drives", even though there's nothing flat and circular in them and no moving parts... why the stuff in the middle of pencils is called the "lead", even though it's mostly graphite... why magazines featuring stories told with sequential art are called "comic books", even though they're usually not humorous.

    --
    http://alternatives.rzero.com/
  7. Re:How do you REMOVE a rootkit? by 3.5 stripes · · Score: 3, Funny

    Format c:

    --
    He tried to kill me with a forklift!