
I just need to know how to use Root Repeal


#1 kaatucan


  • Members
  • 2 posts
  • Gender:Male
  • Location:Austin Texas
  • Local time:06:49 PM

Posted 22 February 2010 - 04:48 AM

Hi all, hope this is not too dumb of a question, but I need to know how to use Root Repeal. I have one laptop running XP Pro and a desktop running XP Home. I am wanting to check both machines. Thanks for any advice.



#2 cryptodan


    Bleepin Madman

  • Members
  • 21,868 posts
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:11:49 PM

Posted 22 February 2010 - 02:30 PM

Check both machines for what?

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator

  • Moderator
  • 37,112 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:49 PM

Posted 22 February 2010 - 02:41 PM

Moving to AV forum given nature of question. ~ OB
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


#4 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 52,092 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:49 PM

Posted 22 February 2010 - 03:44 PM

If you're unsure how to use a particular Anti-rootkit (ARK) tool, then you should not be using it. Some ARK tools are intended for advanced users or to be used under the guidance of an expert who can interpret the log results. ARKs are powerful tools and using them incorrectly could lead to disastrous problems with your operating system. Most of the more effective ARK tools like RootRepeal should only be utilized by advanced users or under the guidance of an expert as they generate logs which must be interpreted and investigated before taking any removal action.

Why? Not all hidden components detected by ARKs are malicious. It is normal for a Firewall, some Anti-virus and Anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host based Intrusion Prevention Systems (HIPS) to hook into the OS kernel/SSDT in order to protect your system. SSDT (System Service Descriptor Table) is a table that stores addresses of functions that are used by Windows. Whenever a function is called, Windows looks in this table to find the address for it. Both legitimate programs and rootkits can hook into and alter this table. You should not be alarmed if you see any hidden entries created by legitimate programs after performing a scan.

There are many free ARK tools but some of them require a certain level of expertise and investigative ability to use. These are a few of the easier ARKs for novice users:

Malwarebytes Anti-Malware uses a proprietary low level driver (similar to some ARK detectors) to locate hidden files and special techniques which enable it to detect a wide spectrum of threats including active rootkits. SUPERAntiSpyware offers technology to deal with rootkit infections as well.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

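The SSDT point made in post #4, as an added example that is not part of the original thread and is not RootRepeal's code: it maps each table entry to the driver whose image contains the stored address, which is why a hook by a security product looks structurally the same as any other hook until someone identifies the owner. The memory layout, the driver names `example_av.sys` and `unknown_drv.sys`, the addresses and the `EXPECTED_HOOKERS` list are all constructed for illustration.

```python
from bisect import bisect_right

KERNEL = "ntoskrnl.exe"
# Constructed driver list: (base address, image size, file name).
MODULES = sorted([
    (0x804D7000, 0x1F8000, KERNEL),
    (0xF7A10000, 0x020000, "example_av.sys"),   # hypothetical security product driver
    (0xF8B20000, 0x008000, "unknown_drv.sys"),  # hypothetical unrecognised driver
])
# Assumption: an analyst-maintained list of drivers known to hook the SSDT legitimately.
EXPECTED_HOOKERS = {"example_av.sys"}
# Constructed SSDT snapshot: (service name, address stored in the table).
SSDT = [
    ("NtCreateFile",             0x8056E27C),
    ("NtOpenProcess",            0xF7A1234C),
    ("NtQuerySystemInformation", 0xF8B21A10),
    ("NtEnumerateValueKey",      0xF9C00040),
]

def owner_of(address, modules=MODULES):
    """Return the name of the module whose image contains address, or None."""
    i = bisect_right([base for base, _, _ in modules], address) - 1
    if i >= 0:
        base, size, name = modules[i]
        if base <= address < base + size:
            return name
    return None

def classify(ssdt=SSDT, modules=MODULES, expected=EXPECTED_HOOKERS):
    """Label each entry; a hook is a lead to investigate, not proof of infection."""
    report = []
    for service, address in ssdt:
        owner = owner_of(address, modules)
        if owner == KERNEL:
            verdict = "not hooked"
        elif owner in expected:
            verdict = "hooked by expected security driver"
        elif owner is not None:
            verdict = "hooked by unrecognised driver: investigate"
        else:
            verdict = "points outside every loaded module: investigate"
        report.append((service, owner, verdict))
    return report

if __name__ == "__main__":
    for service, owner, verdict in classify():
        print(f"{service:26} {owner or '-':16} {verdict}")
```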
