Re: Windows Me "User Connected"

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 02/23/05


Date: Wed, 23 Feb 2005 03:16:34 GMT

I was just made aware of a new utility by Sysinternals

http://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml

"RootkitRevealer is an advanced root kit detection utility. It runs on Windows NT4 and
higher and its output lists Registry and file system API discrepancies that may indicate the
presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all
rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender."

-- 
Dave
"winged" <winged@nofollow.com> wrote in message news:cvgrgl$a0h@dispatch.concentric.net...
| David H. Lipman wrote:
| > An alternative to the Command Line utility NETSTAT.EXE is TCPVIEW (tcpview.exe v2.34) by
| > Sysinternals
| >
| > http://www.sysinternals.com/ntw2k/utilities.shtml
| >
| > It is a GUI utility and will show the information real-time and under NT Based OS's it will
| > also show the fully qualified executable opening a given port and communicating with a
| > remote site.
| >
| And the process explorer tool at the same site can tell you what process
| is reinstalling the software and where it is located.  I suspect an
| activeX control on the system.
|
| Winged

