Sysinternals Homepage
Forum Home Forum Home > Windows Discussions > Malware
  New Posts New Posts RSS Feed - Advanced Malware Cleaning
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Advanced Malware Cleaning

 Post Reply Post Reply
SpannerITWks View Drop Down
Senior Member
Senior Member

Joined: 14 August 2005
Location: United Kingdom
Status: Offline
Points: 896
Post Options Post Options   Thanks (0) Thanks(0)   Quote SpannerITWks Quote  Post ReplyReply Direct Link To This Post Topic: Advanced Malware Cleaning
    Posted: 30 December 2006 at 11:14pm

From the www -
Today's IT administrator needs to be prepared to identify, analyze, and remediate malware that slips through layered defences since most anti-malware solutions depend on signatures of known threats. This session takes you on a tour of malware infection and persistence technologies, including rootkits, and shows you on real malware infections how to use sophisticated tools like freeware tools Process Explorer, Autoruns, and RootkitRevealer to clean malware.


He's quite a good speaker, and gave an enlightening walk through of some of his Apps. I'm sure many including myself will now approach these with fresh impetus !

Re the Rootkits -

Apart from the standard hxdef, i was pleased to see him make an example of the WinGenerics/Apropo and SpySherrif et al nasties from earlier in the year, that caused a lot of headaches for many people out there, and some later versions still do !

He mentioned several AntiRootkit Apps, GMER/IceSword/Blacklight and of course demo'd his own RootkitRevealer, but NO mention anywhere of one of best of all RootkitUnhooker. I wonder why ? as i would have thought he should be aware of it by now, especially as it's featured heavily right here on the Sysinternals forum !


He stated that ALL the Sysinternals tools he used, like Process Explorer etc, are Win95 onwards compatable. Well they used to be before MS took over, now they have All been made not to on purpose ? They Only work on XP etc OS's now ! Still if you were fortunate to DL some or all of the SI Apps before the takeover, you can use the existing versions at will on Any OS.

All in all worth the initial time wasting etc hassle, but i wouldn't relish having to do that every time i wanted to watch a video ! It's not like it's top secret etc, why do they make it so difficult ? It doesn't have to be like that.

Direct link without all the multiple logging in and email verification palava - 0369_en_w&f=0369_en&uid=0006400080C7E62F&lng=en& amp; amp; amp;cou=emea

PPT version -


edit - typo Only

Edited by SpannerITWks - 30 December 2006 at 11:56pm
Stay Safe - SpannerITWks/SpannerInTheWorks -
BOClean AntiMalware -
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 11.06
Copyright ©2001-2016 Web Wiz Ltd.